Export limit exceeded: 19826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19826 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4177 | 1 Preprojects | 1 Pre Real Estate Listings | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter. | ||||
| CVE-2008-4178 | 1 Downline Goldmine | 2 Builder, New Addon | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4185 | 1 Webcms | 1 Webcms Portal Edition | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id parameter in a documentos action, a different vector than CVE-2008-3213. | ||||
| CVE-2008-4186 | 1 Webcms | 1 Webcms Portal Edition | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-4202 | 1 Gonafish | 1 Linkscaffepro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action. | ||||
| CVE-2008-4203 | 1 Czaries | 1 Czarnews | 2026-04-23 | N/A |
| SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie. | ||||
| CVE-2008-4204 | 1 Softacid | 1 Hotel Reservation System | 2026-04-23 | N/A |
| SQL injection vulnerability in city.asp in SoftAcid Hotel Reservation System (HRS) allows remote attackers to execute arbitrary SQL commands via the city parameter. | ||||
| CVE-2008-4205 | 1 Attachmax | 1 Dolphin | 2026-04-23 | N/A |
| SQL injection vulnerability in search.php Attachmax Dolphin 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter in a Search action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4241 | 1 Cj | 1 Ultra Plus | 2026-04-23 | N/A |
| SQL injection vulnerability in CJ Ultra Plus 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via an SID cookie. | ||||
| CVE-2008-4303 | 1 Php-collab | 1 Php-collab | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors. | ||||
| CVE-2009-0543 | 1 Proftpd | 1 Proftpd | 2026-04-23 | N/A |
| ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres. | ||||
| CVE-2009-3185 | 1 Comsenz | 2 Crazy Star Plugin, Discuz\! | 2026-04-23 | N/A |
| SQL injection vulnerability in plugin.php in the Crazy Star plugin 2.0 for Discuz! allows remote authenticated users to execute arbitrary SQL commands via the fmid parameter in a view action. | ||||
| CVE-2008-6990 | 1 Ezphotogallery | 1 Ezphotogallery | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-23 | 9.8 Critical |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5606 | 1 Bytesfall Explorer | 1 Bytesfall Explorer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors. | ||||
| CVE-2006-5629 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Hosting Controller 6.1 before Hotfix 3.3 allow remote attackers to execute arbitrary SQL commands via the ForumID parameter in (1) DisableForum.asp and (2) enableForum.asp. NOTE: it was later reported that the vulnerability is present in 6.1 Hotfix 3.3 and earlier. | ||||
| CVE-2006-5738 | 1 Punbb | 1 Punbb | 2026-04-23 | 7.2 High |
| Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-6337 | 1 Aspindir | 1 Aspee Ziyaretci Defteri | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri allow remote attackers to execute arbitrary SQL commands via the (1) kullanici or (2) parola parameter. | ||||
| CVE-2006-6349 | 1 Pwp Technologies | 1 The Classified Ad System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the search engine. | ||||
| CVE-2006-6367 | 1 Duware | 3 Dudownload, Dunews, Dupaypal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976. | ||||