Export limit exceeded: 19166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5511 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. | ||||
| CVE-2007-4716 | 1 Phd | 1 Help Desk | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHD Help Desk before 1.31 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2843 | 1 Doitlive | 1 Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp. | ||||
| CVE-2008-2837 | 1 Cms.brdconcept | 1 Cms-brd | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMS-BRD allows remote attackers to execute arbitrary SQL commands via the menuclick parameter. | ||||
| CVE-2008-0290 | 1 Digitalhive | 1 Digitalhive | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Digital Hive 2.0 RC2 and earlier allow (1) remote attackers to execute arbitrary SQL commands via the selectskin parameter to an unspecified program, or (2) remote authenticated administrators to execute arbitrary SQL commands via the user_id parameter in the gestion_membre.php page to base.php. | ||||
| CVE-2008-2834 | 1 Sidb | 1 Scientific Image Database | 2026-04-23 | N/A |
| SQL injection vulnerability in projects.php in Scientific Image DataBase 0.41 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2823 | 1 Phpeasynews | 1 Phpeasyblog | 2026-04-23 | N/A |
| SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter. | ||||
| CVE-2008-0288 | 1 Imagealbum | 1 Imagealbum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action. | ||||
| CVE-2007-5508 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. NOTE: remote unauthenticated attack vectors exist when CTXSYS is used with oracle Application Server. | ||||
| CVE-2008-2819 | 1 Blognplus | 1 Blognplus | 2026-04-23 | N/A |
| SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2835 | 1 Igsuite | 1 Igsuite | 2026-04-23 | N/A |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. | ||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | ||||
| CVE-2008-2817 | 1 Nitropowered | 1 Nitro Web Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action. | ||||
| CVE-2008-2816 | 1 O2php | 1 Oxygen | 2026-04-23 | N/A |
| SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572. | ||||
| CVE-2008-0282 | 1 Domphp | 1 Domphp | 2026-04-23 | N/A |
| SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2007-5490 | 1 Okulumunsitesi | 1 Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-4714 | 1 Yvora | 1 Yvora | 2026-04-23 | N/A |
| SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2007-3652 | 1 Fascript | 1 Faname | 2026-04-23 | 9.8 Critical |
| SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328. | ||||
| CVE-2007-2571 | 1 Xoops | 1 Wfquotes Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the wfquotes 1.0 0 module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | ||||
| CVE-2008-2815 | 1 Mymarket | 1 Mymarket | 2026-04-23 | N/A |
| SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||