Export limit exceeded: 19166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2135 | 1 Visualshapers | 1 Ezcontents | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php. | ||||
| CVE-2008-6649 | 1 Ktools | 1 Photostore | 2026-04-23 | N/A |
| SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0302 | 1 Php-nuke | 1 Downloads Module | 2026-04-23 | N/A |
| SQL injection vulnerability in the Downloads module for PHP-Nuke 8.0 8.1.0.3.5b and earlier allows remote authenticated users to execute arbitrary SQL commands via the url parameter in the Add operation to modules.php. | ||||
| CVE-2008-6634 | 1 Beaussier | 1 Roomphplanning | 2026-04-23 | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | ||||
| CVE-2008-6633 | 1 Beaussier | 1 Roomphplanning | 2026-04-23 | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php. | ||||
| CVE-2008-2760 | 1 Xigla | 1 Absolute Banner Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in searchbanners.asp in Xigla Absolute Banner Manager XE 2.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter. | ||||
| CVE-2008-4202 | 1 Gonafish | 1 Linkscaffepro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Gonafish LinksCaffePRO 4.5 allows remote attackers to execute arbitrary SQL commands via the idd parameter in a deadlink action. | ||||
| CVE-2008-5004 | 1 Mywebland | 1 Bloggie Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie. | ||||
| CVE-2008-2124 | 1 Fipsasp | 1 Fipscms | 2026-04-23 | N/A |
| SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter. | ||||
| CVE-2006-6094 | 1 Dotnetindex | 1 Active News Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp. | ||||
| CVE-2008-6652 | 1 Insanevisions | 1 Onecms | 2026-04-23 | N/A |
| SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter. | ||||
| CVE-2008-6626 | 1 Webbdomain | 1 Quiz | 2026-04-23 | N/A |
| SQL injection vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-0109 | 1 Riotpix | 1 Riotpix | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2746 | 1 Gryphon | 1 Gllcts2 | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Gryphon gllcTS2 4.2.4 allows remote attackers to execute arbitrary SQL commands via the detail parameter. | ||||
| CVE-2003-1573 | 1 Sun | 1 J2ee | 2026-04-23 | N/A |
| The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages." | ||||
| CVE-2008-4350 | 1 Vblogix | 1 Tutorial Script | 2026-04-23 | N/A |
| SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-5003 | 1 Shahrood | 1 Shahrood | 2026-04-23 | N/A |
| SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5097 | 1 Myfwb | 1 Myfwb | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MyFWB 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-5779 | 1 Flds Script | 1 Flds | 2026-04-23 | N/A |
| SQL injection vulnerability in lpro.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0110 | 1 Riotpix | 1 Riotpix | 2026-04-23 | N/A |
| SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||