Export limit exceeded: 19855 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19855 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1573 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| SQL injection vulnerability in admincp/attachment.php in Jelsoft vBulletin 3.6.5 allows remote authenticated administrators to execute arbitrary SQL commands via the "Attached Before" field. | ||||
| CVE-2007-1776 | 1 Design For Joomla | 1 D4j Ezine | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action. | ||||
| CVE-2007-2534 | 1 Phphoo3 | 1 Phphoo3 | 2026-04-23 | 9.8 Critical |
| Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use | ||||
| CVE-2007-2571 | 1 Xoops | 1 Wfquotes Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | ||||
| CVE-2007-3119 | 1 Kartli Alisveris Sistemi | 1 Kartli Alisveris Sistemi | 2026-04-23 | N/A |
| SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) 1.0 allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2007-3273 | 1 Fusetalk | 1 Fusetalk | 2026-04-23 | N/A |
| SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3301 | 1 Fusetalk | 1 Fusetalk | 2026-04-23 | N/A |
| SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273. | ||||
| CVE-2007-3909 | 1 Bandersnatch | 1 Bandersnatch | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Bandersnatch 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) date and (2) limit parameters to index.php, and other unspecified vectors. | ||||
| CVE-2007-3913 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3933 | 1 Quickestore | 1 Quickestore | 2026-04-23 | N/A |
| SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. | ||||
| CVE-2007-3937 | 1 A-shop | 1 A-shop | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in A-shop 0.70 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3938 | 1 Maxdev | 1 Mdpro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.8x and earlier before 20070720 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a view action in the Topics module, a different vulnerability than CVE-2006-1676. | ||||
| CVE-2007-4056 | 1 Adult Directory | 1 Adult Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect. | ||||
| CVE-2007-4095 | 1 Bsm Store | 1 Dependent Forums | 2026-04-23 | N/A |
| SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp. | ||||
| CVE-2007-4714 | 1 Yvora | 1 Yvora | 2026-04-23 | N/A |
| SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2007-4716 | 1 Phd | 1 Help Desk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-4719 | 1 212cafe | 1 212cafeboard | 2026-04-23 | N/A |
| SQL injection vulnerability in read.php in 212cafeBoard 6.30 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4736 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2007-4762 | 1 E-smart Cart | 1 E-smart Cart | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in embadmin/login.asp in E-SMARTCART 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) user and (2) pass fields, different vectors than CVE-2007-0092. | ||||
| CVE-2007-4777 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778. | ||||