Export limit exceeded: 19858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19858 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0799 2 Joomla, Mambo 2 Com Quiz, Com Quiz 2026-04-23 N/A
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.
CVE-2008-0796 1 Nuboard 1 Nuboard 2026-04-23 N/A
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter.
CVE-2008-0795 3 Joomla, Mambo, Mgfi 3 Joomla, Mambo, Xfaq 2026-04-23 N/A
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
CVE-2008-0789 1 Li-scripts 1 Li-countdown 2026-04-23 N/A
SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to execute arbitrary SQL commands via the years parameter.
CVE-2008-0787 1 Mybulletinboard 1 Mybulletinboard 2026-04-23 N/A
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
CVE-2008-0785 1 Cacti 1 Cacti 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
CVE-2007-6727 1 Max Kervin 1 Kervinet Forum 2026-04-23 N/A
SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2007-6719 1 Inspector It 1 Wiz-ad 2026-04-23 N/A
SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6671 1 Instantsoftwares 1 Dating Site 2026-04-23 N/A
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information.
CVE-2007-6670 1 Phpcredo 1 Phcdownload 2026-04-23 N/A
SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute arbitrary SQL commands via the string parameter.
CVE-2007-6667 1 Myphp 1 Myphp Forum 2026-04-23 N/A
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
CVE-2007-6666 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.
CVE-2007-6665 1 Netchemia 1 Oneschool 2026-04-23 N/A
SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to execute arbitrary SQL commands via the txtLoginID parameter.
CVE-2007-6664 1 Webportal 1 Webportal Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.
CVE-2007-6663 2 Joomla, Pragmatic Utopia 2 Joomla, Pu Arcade 2026-04-23 N/A
SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arcade (com_puarcade) 2.0.3, 2.1.2, and 2.1.3 Beta component for Joomla! allows remote attackers to execute arbitrary SQL commands via the fid parameter to index.php.
CVE-2007-6658 1 Customcms 1 Ccms 2026-04-23 N/A
SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attackers to execute arbitrary SQL commands via the p parameter in the Console page.
CVE-2003-1573 1 Sun 1 J2ee 2026-04-23 N/A
The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."
CVE-2007-6656 1 Cmsmadesimple 1 Cms Made Simple 2026-04-23 N/A
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter.
CVE-2006-5603 1 Snitz Communications 1 Snitz Forums 2000 2026-04-23 9.8 Critical
SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5606 1 Bytesfall Explorer 1 Bytesfall Explorer 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors.