Export limit exceeded: 19858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5070 | 1 Pro Chat Rooms | 1 Pro Chat Rooms | 2026-04-23 | N/A |
| SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to (1) profiles/index.php and (2) profiles/admin.php. | ||||
| CVE-2008-5051 | 2 Jooblog, Joomla | 2 Jooblog, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the JooBlog (com_jb2) component 0.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the PostID parameter to index.php. | ||||
| CVE-2008-5047 | 1 Mole Group | 1 Rental Script | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in Mole Group Rental Script allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-5046 | 1 Mole Group | 1 Pizza Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter. | ||||
| CVE-2008-5037 | 1 Elkagroup | 1 Image Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-5069 | 1 Deeserver | 1 Panuwat Promoteweb Mysql | 2026-04-23 | N/A |
| SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5004 | 1 Mywebland | 1 Bloggie Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | ||||
| CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2026-04-23 | N/A |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5000 | 1 Phpx | 1 Phpx | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via uppercase characters in the news_id parameter. | ||||
| CVE-2008-4991 | 1 Ec-cube | 1 Ec-cube | 2026-04-23 | N/A |
| SQL injection vulnerability in LOCKON CO.,LTD. EC-CUBE 2.3.0 and earlier, 1.4.7 and earlier, and 1.5.0-beta2 and earlier; and Community Edition 1.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the parameter. | ||||
| CVE-2008-4364 | 1 Parsagostar | 1 Parsaweb Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page. | ||||
| CVE-2008-4357 | 1 Powie | 1 Plink | 2026-04-23 | N/A |
| SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4356 | 1 Kasseler-cms | 1 Kasseler Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module. | ||||
| CVE-2008-4355 | 1 Powie | 1 Pforum | 2026-04-23 | N/A |
| SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4354 | 1 Net Art Media | 1 Iboutique | 2026-04-23 | N/A |
| SQL injection vulnerability in the products module in NetArt Media iBoutique 4.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter to index.php. | ||||
| CVE-2008-4353 | 1 Linkarity | 1 Linkarity | 2026-04-23 | N/A |
| SQL injection vulnerability in link.php in Linkarity allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. NOTE: although one component of Linkarity is distributable PHP code, this issue might be site-specific. If so, it should not be included in CVE. | ||||
| CVE-2008-4352 | 1 Phpsmartcom | 1 Phpsmartcom | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/pages/viewprofile.php in phpSmartCom 0.2 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a viewprofile action to index.php. | ||||
| CVE-2008-4350 | 1 Vblogix | 1 Tutorial Script | 2026-04-23 | N/A |
| SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-4348 | 1 Outshine | 1 Phportfolio | 2026-04-23 | N/A |
| SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4347 | 1 Powie | 1 Pnews | 2026-04-23 | N/A |
| SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||