Export limit exceeded: 353514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0428 | 1 Dmxready | 1 Secure Document Library | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-1819 | 1 2daybiz | 1 Custom T-shirt Design Script | 2026-04-23 | N/A |
| SQL injection vulnerability in product.php in 2daybiz Custom T-shirt Design Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4953 | 1 Simpcms | 1 Simpcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action. | ||||
| CVE-2009-3223 | 1 Inoutscripts | 1 Inout Adserver | 2026-04-23 | N/A |
| SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-2608 | 1 Chatelao | 1 Php Address Book | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2565. | ||||
| CVE-2007-4952 | 1 Omnistar Interactive | 1 Omnistar Article Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in article.php in OmniStar Article Manager allows remote attackers to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917. | ||||
| CVE-2009-2612 | 1 Prosmdr | 1 Prosmdr | 2026-04-23 | N/A |
| SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1816 | 1 Mygamescript | 1 My Game Script | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1297 | 3 Ewriting, Joomla, Mambo | 3 Ewriting, Com Ewriting, Com Ewriting | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action. | ||||
| CVE-2008-6837 | 1 Zoph | 1 Zoph | 2026-04-23 | N/A |
| SQL injection vulnerability in Zoph 0.7.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different issue than CVE-2008-3258. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2603 | 1 E-supportportal | 1 Escon Supportportal Pro | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Escon SupportPortal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) tid parameters. | ||||
| CVE-2009-1032 | 1 Yabsoft | 1 Advanced Image Hosting Script | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter. | ||||
| CVE-2010-0342 | 1 Typo3 | 2 Job Reports, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2010-0329 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | ||||
| CVE-2007-6577 | 1 Zsuite | 1 Zblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the categ parameter in a categ action or (2) the article parameter in an articles action. | ||||
| CVE-2008-3125 | 1 Mole Group | 1 Lastminute Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-5727 | 1 Netcat | 1 Netcat | 2026-04-23 | N/A |
| SQL injection vulnerability in modules/auth/password_recovery.php in AIST NetCat 3.12 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the query string. | ||||
| CVE-2007-6491 | 1 Kvaliitti | 1 Webdoc Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp. | ||||
| CVE-2008-2177 | 1 Php Directory Source | 1 Phpdirectorysource | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php. | ||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||