Export limit exceeded: 19172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19172 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3053 | 1 Typo3 | 1 Sql Frontend Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6187 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in frs/shownotes.php in Gforge 4.5.19 and earlier allows remote attackers to execute arbitrary SQL commands via the release_id parameter. | ||||
| CVE-2008-4093 | 1 Yourownbux | 1 Yourownbux | 2026-04-23 | N/A |
| SQL injection vulnerability in memberstats.php in YourOwnBux 3.1 and 3.2 beta, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||
| CVE-2008-6182 | 1 Joomla | 2 Ignitegallery, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the Ignite Gallery (com_ignitegallery) component 0.8.0 through 0.8.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gallery parameter in a view action to index.php. | ||||
| CVE-2008-3051 | 1 Typo3 | 1 Pinboard Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-6180 | 1 Newlife Blogger | 1 Newlife Blogger | 2026-04-23 | N/A |
| SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and earlier, and possibly 3.3.1, allows remote attackers to execute arbitrary SQL commands via the nlb3 cookie. | ||||
| CVE-2008-6166 | 2 Jmds, Joomla | 2 Com Kbase, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the KBase (com_kbase) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php. | ||||
| CVE-2008-3044 | 1 Typo3 | 1 News Calendar Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the News Calendar (newscalendar) extension 1.0.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-1982 | 1 Wordpress | 2 Wordpress, Wpss | 2026-04-23 | N/A |
| SQL injection vulnerability in ss_load.php in the Spreadsheet (wpSS) 0.6 and earlier plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter. | ||||
| CVE-2008-6155 | 1 Hispah | 1 Text Links Ads | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Hispah Text Links Ads 1.1 allows remote attackers to execute arbitrary SQL commands via the idtl parameter in a buy action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3039 | 1 Typo3 | 1 Dam Frontend Extension | 2026-04-23 | N/A |
| SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2006-7025 | 1 Sangwan Kim | 1 Bookmark4u | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter. | ||||
| CVE-2006-7089 | 1 Ban | 1 Ban | 2026-04-23 | N/A |
| SQL injection vulnerability in connexion.php in Ban 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-3933 | 1 Quickestore | 1 Quickestore | 2026-04-23 | N/A |
| SQL injection vulnerability in insertorder.cfm in QuickEStore 8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the CFTOKEN parameter, a different vector than CVE-2006-2053. | ||||
| CVE-2007-4863 | 1 Quirm | 1 Saxon | 2026-04-23 | N/A |
| SQL injection vulnerability in example.php in SAXON 5.4 allows remote attackers to execute arbitrary SQL commands via the template parameter. | ||||
| CVE-2007-5643 | 1 Lussumo | 1 Vanilla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php. | ||||
| CVE-2008-6153 | 1 Jayeshp | 1 Pixel8 Web Photo Album | 2026-04-23 | N/A |
| SQL injection vulnerability in Photo.asp in Jay Patel Pixel8 Web Photo Album 3.0 allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | ||||
| CVE-2008-2770 | 1 Mycrocms | 1 Mycrocms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entry_id parameter. | ||||
| CVE-2008-4084 | 1 Myiosoft | 1 Easyclassifields | 2026-04-23 | N/A |
| SQL injection vulnerability in staticpages/easyclassifields/index.php in MyioSoft EasyClassifields 3.0 allows remote attackers to execute arbitrary SQL commands via the go parameter in a browse action. | ||||