Export limit exceeded: 365419 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19820 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19820 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3762 1 Turnkeywebtools 1 Php Live Helper 2026-04-23 N/A
SQL injection vulnerability in onlinestatus_html.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the dep parameter, related to lack of input sanitization in the get function in global.php.
CVE-2008-3765 1 Discountedscripts 1 Quick Poll Script 2026-04-23 N/A
SQL injection vulnerability in code.php in Quick Poll Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3767 1 Smartisoft 1 Phpbazar 2026-04-23 N/A
SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote attackers to execute arbitrary SQL commands via the adid parameter.
CVE-2008-3768 1 Turnkeywebtools 1 Sunshop Shopping Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in class.ajax.php in Turnkey Web Tools SunShop Shopping Cart before 4.1.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an edit_registry action to index.php, (2) a vector involving the check_email function, and other vectors.
CVE-2008-3948 1 Xrms 1 Xrms Crm 2026-04-23 N/A
SQL injection vulnerability in admin/users/self-2.php in XRMS allows remote attackers to execute arbitrary SQL commands and modify name and email fields via unspecified vectors.
CVE-2008-3772 1 Pars4u 1 Videosharing 2026-04-23 N/A
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2008-3774 1 Simasy 1 Simasy Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Simasy CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3780 1 Review-script 1 Five Star Review Script 2026-04-23 N/A
SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2008-3783 1 Matterdaddy 1 Matterdaddy Market 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters.
CVE-2008-3784 2 Btitracker Project, Xbtitracker Project 2 Btitracker, Xbtitracker 2026-04-23 N/A
SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter.
CVE-2008-3785 1 Miacms 1 Miacms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php.
CVE-2008-3787 1 Nullscripts 1 Web Directory Script 2026-04-23 N/A
SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-3788 1 Picturespro 1 Picturespro Photo Cart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php.
CVE-2008-3845 1 Craftysyntax 1 Crafty Syntax Live Help 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php.
CVE-2008-3848 1 Pdesigner 1 Z-breaknews 2026-04-23 N/A
SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3861 1 Phpmyrealty 1 Phpmyrealty 2026-04-23 N/A
Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php.
CVE-2008-3867 1 Cce-interact 1 Interact 2026-04-23 N/A
SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter.
CVE-2008-3880 1 Zoneminder 1 Zoneminder 2026-04-23 N/A
SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter.
CVE-2008-3887 1 Dotproject 1 Dotproject 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in dotProject 2.1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the tab parameter in a projects action, and (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in a viewuser action.
CVE-2008-3888 1 Aspindir 1 Mini Nuke Freehost 2026-04-23 N/A
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.