Export limit exceeded: 16514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | ||||
| CVE-2009-0292 | 1 Shop-inet | 1 Shop-inet | 2026-04-23 | N/A |
| SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | ||||
| CVE-2009-2019 | 1 Virtuenetz | 1 Virtue News Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in news_detail.php in Virtue News Manager allows remote attackers to execute arbitrary SQL commands via the nid parameter. | ||||
| CVE-2008-6509 | 1 Igniterealtime | 1 Openfire | 2026-04-23 | N/A |
| SQL injection vulnerability in CallLogDAO in SIP Plugin in Openfire 3.6.0a and earlier allows remote attackers to execute arbitrary SQL commands via the type parameter to sipark-log-summary.jsp. | ||||
| CVE-2008-2781 | 1 Dzoic | 1 Handshakes | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in DZOIC Handshakes 3.5 allows remote attackers to execute arbitrary SQL commands via the fname parameter in a members search action. | ||||
| CVE-2008-1351 | 1 Xoops | 1 Tutoriais Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tutorials 2.1b module for XOOPS allows remote attackers to execute arbitrary SQL commands via the tid parameter to printpage.php, which is accessible directly or through a printpage action to index.php. | ||||
| CVE-2008-6489 | 2 Huseyin Bora Abaci, Joomla | 2 Com Myalbum, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php. | ||||
| CVE-2008-4355 | 1 Powie | 1 Pforum | 2026-04-23 | N/A |
| SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2097 | 1 Zokisoft | 1 Zoki Catalog | 2026-04-23 | N/A |
| SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0379 | 1 Joomla | 2 Com Pcchess, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. | ||||
| CVE-2009-0425 | 1 Blue Eye Cms | 1 Blue Eye Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Blue Eye CMS 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the clanek parameter. | ||||
| CVE-2008-5739 | 1 Pligg | 1 Pligg Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in evb/check_url.php in Pligg CMS 9.9.5 Beta allows remote attackers to execute arbitrary SQL commands via the url parameter. | ||||
| CVE-2007-6518 | 1 Woltlab | 1 Burning Board Lite | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters. | ||||
| CVE-2008-1341 | 1 Lagarde | 1 Storefront | 2026-04-23 | N/A |
| SQL injection vulnerability in SearchResults.aspx in LaGarde StoreFront 6 before SP8 allows remote attackers to execute arbitrary SQL commands via the CategoryId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1229 | 1 Arcadwy | 1 Arcadwy Arcade Script | 2026-04-23 | N/A |
| SQL injection vulnerability in Arcadwy Arcade Script allows remote attackers to execute arbitrary SQL commands via the user cookie parameter. | ||||
| CVE-2009-2093 | 1 Ibm | 1 Websphere Partner Gateway | 2026-04-23 | N/A |
| SQL injection vulnerability in the console in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 before FP8, 6.1 before FP3, 6.1.1 before FP2, and 6.2 before FP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2009-2017 | 1 Virtuenetz | 1 Virtue Book Store | 2026-04-23 | N/A |
| SQL injection vulnerability in products.php in Virtue Book Store allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-2868 | 1 Duware | 1 Ducalendar | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. | ||||
| CVE-2008-1486 | 1 Phorum | 1 Phorum | 2026-04-23 | N/A |
| SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search. | ||||
| CVE-2009-2096 | 1 David Degner | 1 Phpcollegeexchange | 2026-04-23 | N/A |
| SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote attackers to execute arbitrary SQL commands via the itemnr parameter. | ||||