Export limit exceeded: 19851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2560 1 Fourtwosevenbb 1 427bb 2026-04-23 N/A
SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter.
CVE-2008-2562 1 Powerphlogger 1 Powerphlogger 2026-04-23 N/A
SQL injection vulnerability in edCss.php in PowerPhlogger 2.2.5 and earlier allows remote authenticated users to execute arbitrary SQL commands via the css_str parameter in an edit action.
CVE-2008-2564 1 Joomla 2 Com Jotloader, Joomla 2026-04-23 N/A
SQL injection vulnerability in the JotLoader (com_jotloader) component 1.2.1.a and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php.
CVE-2008-2565 1 Php-address Book 1 Php-address Book 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
CVE-2008-2568 1 Joomla 2 Com Simpleshop, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Simple Shop Galore (com_simpleshop) component 3.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a browse action to index.php.
CVE-2008-2569 1 Joomla 1 Easybook Component 2026-04-23 N/A
SQL injection vulnerability in the EasyBook (com_easybook) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a deleteentry action to index.php.
CVE-2008-2572 1 Theflashblog 1 Flashblog 2026-04-23 N/A
SQL injection vulnerability in php/leer_comentarios.php in FlashBlog allows remote attackers to execute arbitrary SQL commands via the articulo_id parameter.
CVE-2008-3131 1 Powie 1 Psys 2026-04-23 N/A
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
CVE-2008-3132 1 Joomla 1 Com Beamospetition 2026-04-23 N/A
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
CVE-2008-3133 1 Barenuked 1 Barenuked Cms 2026-04-23 N/A
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2008-3136 1 Ashopsoftware 1 Ashop Deluxe 2026-04-23 N/A
SQL injection vulnerability in catalogue.php in AShop Deluxe 4.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-3151 2 Phpnuke, Warpspeed 2 4ndvddb, 4ndvddb 2026-04-23 N/A
SQL injection vulnerability in the 4ndvddb 0.91 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a show_dvd action.
CVE-2008-3152 1 Orbitscripts 2 Smartppc, Smartppc Pro 2026-04-23 N/A
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote attackers to execute arbitrary SQL commands via the idDirectory parameter.
CVE-2008-3153 1 Tritoncms 1 Triton Cms Pro 2026-04-23 N/A
SQL injection vulnerability in Triton CMS Pro allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2008-3154 1 Webblizzard 1 Content Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-3185 1 Vclcomponents 1 Relative Real Estate Systems 2026-04-23 N/A
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
CVE-2008-3189 1 Dreamlevels 1 Dreamnews Manager 2026-04-23 N/A
SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3191 1 Marcioforum 1 Mforum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action.
CVE-2008-3193 1 Sclek 1 Jsite 2026-04-23 N/A
SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI.
CVE-2008-3200 1 Easy-script 1 Avlc Forum 2026-04-23 N/A
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote attackers to execute arbitrary SQL commands via the id parameter in an affich_message action.