Export limit exceeded: 16019 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14587 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 23568 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19856 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19856 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0451 | 1 Skalinks | 1 Skalinks | 2026-04-23 | N/A |
| SQL injection vulnerability in Skalfa SkaLinks 1.5 allows remote attackers to execute arbitrary SQL commands via the Admin name field to the default URI under admin/. | ||||
| CVE-2009-0452 | 1 Onlinegrades | 1 Online Grades | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameter. | ||||
| CVE-2009-3961 | 1 Jos De Ruijter | 1 Superseriousstats | 2026-04-23 | N/A |
| SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "incorrect regexp." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3665 | 1 Nullam | 1 Nullam Blog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action. | ||||
| CVE-2009-3661 | 2 Blueconstantmedia, Joomla | 2 Com Djcatalog, Joomla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php. | ||||
| CVE-2009-3659 | 1 Stanback | 1 Bs Counter | 2026-04-23 | N/A |
| SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2009-3645 | 2 Joomla, Joomlacache | 2 Joomla\!, Com Cbresumebuilder | 2026-04-23 | N/A |
| SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php. | ||||
| CVE-2009-3644 | 2 Joomla, Soundset | 2 Joomla\!, Com Soundset | 2026-04-23 | N/A |
| SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php. | ||||
| CVE-2009-3642 | 1 Frontrange | 1 Heat | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the Call Logging feature in FrontRange HEAT 8.01 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2009-3632 | 1 Typo3 | 1 Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2009-3590 | 1 Vspanel | 1 Vs Panel | 2026-04-23 | N/A |
| SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter. | ||||
| CVE-2009-3582 | 1 Sql-ledger | 1 Sql-ledger | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation. | ||||
| CVE-2009-3595 | 1 Vspanel | 1 Vs Panel | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590. | ||||
| CVE-2009-3543 | 1 Phenotype-cms | 1 Phenotype Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name). | ||||
| CVE-2009-3533 | 1 John Beranek | 1 Meeting Room Booking System | 2026-04-23 | N/A |
| SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3532 | 2 Logrover, Microsoft | 2 Logrover, Windows | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp (aka the login screen) in LogRover 2.3 and 2.3.3 on Windows allow remote attackers to execute arbitrary SQL commands via the (1) uname and (2) pword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3531 | 1 Universe | 1 Universe Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3529 | 1 Radscripts | 1 Radbids | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074. | ||||
| CVE-2009-3528 | 1 Al4us | 1 Mymsg | 2026-04-23 | N/A |
| SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action. | ||||
| CVE-2009-3514 | 1 Marcin Manek | 1 D.net Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in a news action to dnet_admin/index.php. | ||||