Export limit exceeded: 366583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19843 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2427 1 Jobbr 1 Jobbr 2026-04-23 N/A
SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter.
CVE-2009-2423 1 Ebayclonescript 1 Ebay Clone 2026-04-23 N/A
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
CVE-2009-2402 1 Phpecho Cms 1 Phpecho Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
CVE-2009-2400 2 Fijiwebdesign, Joomla 2 Com Php, Joomla 2026-04-23 N/A
SQL injection vulnerability in the PHP (com_php) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-2395 2 Joomla, Joomlaworks 2 Joomla\!, Com K2 2026-04-23 N/A
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
CVE-2009-2394 2 Mr Saphp Arabic Mobile, Smspages 2 Messages Library, Smspages 2026-04-23 N/A
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
CVE-2009-2392 1 Virtuenetz 1 Virtue Online Test Generator 2026-04-23 N/A
SQL injection vulnerability in text.php in Virtuenetz Virtue Online Test Generator allows remote attackers to execute arbitrary SQL commands via the tid parameter.
CVE-2009-2390 2 F-cimag-in, Joomla 2 Com Bookflip, Joomla 2026-04-23 N/A
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
CVE-2009-2389 1 Usolved 1 Newsolved 2026-04-23 N/A
Multiple SQL injection vulnerabilities in newsscript.php in USOLVED NEWSolved 1.1.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) jahr or (2) idneu parameter in an archive action, or (3) the newsid parameter.
CVE-2009-2388 1 Shalwan 1 Opial 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2385 2 Fustrate, Simple Machines 2 Member Awards, Smf 2026-04-23 N/A
SQL injection vulnerability in the awardsMembers function in Sources/Profile.php in the Member Awards component 1.0.2 for Simple Machines Forum (SMF) allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2009-2383 2 Blogtrafficexchange, Wordpress 2 Related-sites, Wordpress 2026-04-23 N/A
SQL injection vulnerability in BTE_RW_webajax.php in the Related Sites plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the guid parameter.
CVE-2008-7038 2 Maxdev, Phpnuke 2 My Egallery, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.
CVE-2009-2366 1 Datachecknh 2 Forumpal, Forumpal Fe 2026-04-23 N/A
SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information.
CVE-2009-2365 1 Datachecknh 1 Gallerypal Fe 2026-04-23 N/A
SQL injection vulnerability in login.asp in DataCheck Solutions GalleryPal FE 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-2361 1 Osticket 1 Osticket 2026-04-23 N/A
SQL injection vulnerability in include/class.staff.php in osTicket before 1.6 RC5 allows remote attackers to execute arbitrary SQL commands via the staff username parameter.
CVE-2009-2359 1 Yasinkaplan 1 Tekradius 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TekRADIUS 3.0 allow context-dependent attackers to execute arbitrary SQL commands via (1) the GUI client, as demonstrated by input to the Browse Users text box in the Users tab; or (2) the command-line client, as demonstrated by a certain trcli -r command.
CVE-2009-2354 1 Nulllogic 1 Groupware 2026-04-23 N/A
SQL injection vulnerability in the auth_checkpass function in the login page in NullLogic Groupware 1.2.7 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-2345 1 Clansphere 1 Clansphere 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 allow remote attackers to execute arbitrary SQL commands via unknown parameters to the gbook module and unspecified other components.
CVE-2009-2341 1 Shalwan 1 Opial 2026-04-23 N/A
SQL injection vulnerability in albumdetail.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the albumid parameter.