Export limit exceeded: 19816 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6627 1 Webbdomain 1 Webshop 2026-04-23 N/A
SQL injection vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-2337 1 W3bcms 2 Gaestebuch Guestbook Module, W3bcms 2026-04-23 N/A
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spam_id parameter.
CVE-2008-3490 1 E-topbiz 1 Online Dating 2026-04-23 N/A
SQL injection vulnerability in members/mail.php in E-topbiz Online Dating 3 1.0 allows remote authenticated users to execute arbitrary SQL commands via the mail_id parameter in a veiw action.
CVE-2009-2326 1 Max Kervin 1 Kervinet Forum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in KerviNet Forum 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) an enter_parol cookie to index.php in an auto action or (2) the topic parameter to message.php. NOTE: vector 2 can be leveraged for a cross-site scripting (XSS) attack.
CVE-2007-4173 1 Hunkaray Okul 1 Portaly 2026-04-23 N/A
SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080.
CVE-2009-2311 2 Selbstzweck, Woltlab 2 Rgallery Plugin, Burning Board 2026-04-23 N/A
SQL injection vulnerability in the rGallery plugin 1.2.3 for WoltLab Burning Board (WBB3) allows remote attackers to execute arbitrary SQL commands via the userID parameter in the RGalleryUserGallery page to index.php, a different vector than CVE-2008-4627.
CVE-2008-3489 1 Phpx 1 Phpx 2026-04-23 N/A
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie.
CVE-2009-2310 1 Bow Der Kleine 1 X-blc 2026-04-23 N/A
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2008-0511 2 Joomla, Mambo 2 Com Mamml, Com Mamml 2026-04-23 N/A
SQL injection vulnerability in index.php in the MaMML (com_mamml) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
CVE-2009-3806 1 Dedecms 1 Dedecms 2026-04-23 N/A
SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter.
CVE-2009-2309 1 Codice-cms 1 Codice Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Codice CMS 2 allows remote attackers to execute arbitrary SQL commands via the tag parameter.
CVE-2008-3487 1 Phpauctions 1 Phpauction Gpl Enhanced 2026-04-23 N/A
SQL injection vulnerability in profile.php in PHPAuction GPL Enhanced 2.51 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2308 2 Punbb, Punres 2 Punbb, Affiliates Mod 2026-04-23 N/A
Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and earlier for PunBB allow remote attackers to execute arbitrary SQL commands via the (1) in or (2) out parameter.
CVE-2008-1907 1 Cpcommerce 1 Cpcommerce 2026-04-23 N/A
Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and CVE-2007-2890.
CVE-2008-3484 1 Estoreaff 1 Estoreaff 2026-04-23 N/A
SQL injection vulnerability in eStoreAff 0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter in a showcat action to index.php.
CVE-2009-2290 2 Joomla, Kim Eckert 2 Joomla\!, Com Bsadv 2026-04-23 N/A
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php.
CVE-2008-0510 2 Joomla, Mambo 3 Com Newsletter, Com Newsletter, Mambo 2026-04-23 N/A
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
CVE-2008-6489 2 Huseyin Bora Abaci, Joomla 2 Com Myalbum, Joomla 2026-04-23 N/A
SQL injection vulnerability in MyAlbum component (com_myalbum) 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the album parameter to index.php.
CVE-2008-3452 1 Endonesia 2 Calendar Module, Endonesia 2026-04-23 N/A
SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.
CVE-2009-2269 1 Phome Empire 1 Phome Empire Cms 2026-04-23 N/A
SQL injection vulnerability in Empire CMS 5.1 allows remote attackers to execute arbitrary SQL commands via the bid parameter to the default URI under e/tool/gbook/.