Export limit exceeded: 366631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19851 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3419 | 1 Intesync | 1 Miniweb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter. | ||||
| CVE-2009-3418 | 1 Plume-cms | 1 Plume Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Plume CMS 1.2.3 allow (1) remote authenticated users to execute arbitrary SQL commands via the m parameter to manager/index.php and (2) remote authenticated administrators to execute arbitrary SQL commands via the id parameter in an edit_link action to manager/tools.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3326 | 1 Cmscontrol | 1 Cmscontrol | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the id_menu parameter. | ||||
| CVE-2009-3417 | 2 Idojoomla, Joomla | 2 Com Idoblog, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the IDoBlog (com_idoblog) component 1.1 build 30 for Joomla! allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action to index.php, a different vector than CVE-2008-2627. | ||||
| CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | ||||
| CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2009-3357 | 2 Joomla, Joomlahbs | 2 Joomla, Com Hbssearch | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS or com_hbssearch) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) h_id, (2) id, and (3) rid parameters to longDesc.php, and the h_id parameter to (4) detail.php, (5) detail1.php, (6) detail2.php, (7) detail3.php, (8) detail4.php, (9) detail5.php, (10) detail6.php, (11) detail7.php, and (12) detail8.php, different vectors than CVE-2008-5865, CVE-2008-5874, and CVE-2008-5875. | ||||
| CVE-2009-3356 | 1 Plohni | 1 Image Voting | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter. | ||||
| CVE-2009-3349 | 1 Datavore | 1 Gyro | 2026-04-23 | N/A |
| SQL injection vulnerability in Datavore Gyro 5.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a cat action to the home component. | ||||
| CVE-2009-3343 | 1 Hotwebscripts | 1 Hotweb Rentals | 2026-04-23 | N/A |
| SQL injection vulnerability in details.asp in HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PropId parameter. | ||||
| CVE-2009-3342 | 2 Alphaplug, Joomla | 2 Com Alphauserpoints, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in frontend/assets/ajax/checkusername.php in the AlphaUserPoints (com_alphauserpoints) component 1.5.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the username2points parameter. | ||||
| CVE-2009-3337 | 1 S9y | 1 Serendipity Event Freetag | 2026-04-23 | N/A |
| SQL injection vulnerability in the Freetag (serendipity_event_freetag) plugin before 3.09 for Serendipity (S9Y) allows remote attackers to execute arbitrary SQL commands via an unspecified parameter associated with Meta keywords in a blog entry. | ||||
| CVE-2009-3336 | 1 Phpprobid | 1 Php Pro Bid | 2026-04-23 | N/A |
| SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter. | ||||
| CVE-2009-3335 | 2 Joomla, Turtus | 2 Joomla\!, Turtushout | 2026-04-23 | N/A |
| SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field. | ||||
| CVE-2009-3334 | 2 Joomla, Lhacky | 2 Joomla\!, Com Jinc | 2026-04-23 | N/A |
| SQL injection vulnerability in the Lhacky! Extensions Cave Joomla! Integrated Newsletters Component (aka JINC or com_jinc) component 0.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a messages action to index.php. | ||||
| CVE-2009-3332 | 2 Joomla, Sopinet | 2 Joomla, Com Jbudgetsmagic | 2026-04-23 | N/A |
| SQL injection vulnerability in the JBudgetsMagic (com_jbudgetsmagic) component 0.3.2 through 0.4.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the bid parameter in a mybudget action to index.php. | ||||
| CVE-2009-3330 | 1 Cpecreator | 1 Cp Creator | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in cP Creator 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action. | ||||
| CVE-2009-3314 | 1 Eliteladders | 1 Elite Gaming Ladders | 2026-04-23 | N/A |
| SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter. | ||||
| CVE-2009-3309 | 1 Cfshopkart | 1 Cf Shopkart | 2026-04-23 | N/A |
| SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320. | ||||
| CVE-2008-4786 | 1 E107 | 2 E107, Easyshop Plugin | 2026-04-23 | N/A |
| SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||