Export limit exceeded: 19812 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19812 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-7075 1 Kalptaru Infotech 1 Stararticles 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.
CVE-2008-3750 1 Yourfreeworld 1 Url Rotator Script 2026-04-23 N/A
SQL injection vulnerability in tr.php in YourFreeWorld URL Rotator Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4339 2 Stephan Vits, Typo3 2 Mf Subscription, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-4498 1 Phpautos 1 Phpautos 2026-04-23 N/A
SQL injection vulnerability in searchresults.php in PHP Autos 2.9.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2009-4475 2 Joomla, Joomlub 2 Joomla\!, Com Joomlub 2026-04-23 N/A
SQL injection vulnerability in the Joomlub (com_joomlub) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an auction edit action to index.php.
CVE-2008-2925 1 Valarsoft 1 Webmatic 2026-04-23 N/A
SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0677 1 A-blog 1 A-blog 2026-04-23 N/A
SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action.
CVE-2008-2114 1 Preprojects 1 Pre Shopping Mall 2026-04-23 N/A
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2007-4920 1 Php Webquest 1 Php Webquest 2026-04-23 N/A
SQL injection vulnerability in soporte_derecha_w.php in PHP Webquest 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id_actividad parameter.
CVE-2007-4984 2 Ktauber, Phpbb 2 Stylesdemo, Phpbb 2026-04-23 N/A
SQL injection vulnerability in index.php in the Ktauber.com StylesDemo mod for phpBB 2.0.xx allows remote attackers to execute arbitrary SQL commands via the s parameter.
CVE-2007-4918 1 Gelatocms 1 Gelatocms 2026-04-23 N/A
SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php.
CVE-2008-0498 1 Bigware 1 Bigware Shop 2026-04-23 N/A
SQL injection vulnerability in main_bigware_53.tpl.php in Bigware Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the pollid parameter in a results action to main_bigware_53.php.
CVE-2008-6204 1 Supernet 1 Supernet Shop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp.
CVE-2008-2870 1 Sharecms 1 Sharecms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote attackers to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
CVE-2008-3718 1 Cyberbb 1 Cyberbb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in cyberBB 0.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) id parameter to show_topic.php and the (2) user parameter to profile.php.
CVE-2009-4337 2 Simon Rundell, Typo3 2 Pd Calendar Today, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2008-6691.
CVE-2009-3669 2 Foobla, Joomla 2 Com Foobla Suggestions, Joomla 2026-04-23 N/A
SQL injection vulnerability in the foobla Suggestions (com_foobla_suggestions) component 1.5.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the idea_id parameter to index.php.
CVE-2008-6111 1 Netart Media 1 Vlog System 2026-04-23 N/A
SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter.
CVE-2008-0429 1 Alstrasoft 1 Forum Pay Per Post Exchange 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a forum_catview action.
CVE-2008-1425 1 Easy-clanpage 1 Easy-clanpage 2026-04-23 N/A
SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action.