Export limit exceeded: 19173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19173 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0459 | 1 Wholehogsoftware | 1 Password Protect | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3413 | 1 Greatclone | 1 Auction Platinum | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | ||||
| CVE-2008-5959 | 1 Active Web Softwares | 1 Active Test | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6517 | 1 Aeries | 1 Aeries Browser Interface | 2026-04-23 | N/A |
| SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5150 | 1 Nukescripts | 1 Nukesentinel | 2026-04-23 | N/A |
| SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.11 allows remote attackers to execute arbitrary SQL commands via base64-encoded data in an admin cookie, a different vector than CVE-2007-5125. | ||||
| CVE-2008-6451 | 1 Jportal | 1 Jportal | 2026-04-23 | N/A |
| SQL injection vulnerability in humor.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might overlap CVE-2004-2036 or CVE-2005-3509. | ||||
| CVE-2008-6720 | 1 Deltascripts | 1 Php Links | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/adm_login.php in DeltaScripts PHP Links 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka the admin field). | ||||
| CVE-2008-0557 | 1 Mamboserver | 1 Catalogshop | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the CatalogShop (com_catalogshop) 1.0b1 componenent for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. | ||||
| CVE-2008-5605 | 1 Aspapps | 1 Aspportal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ASP Portal allow remote attackers to execute arbitrary SQL commands via the (1) ItemID parameter to classifieds.asp and the (2) ID parameter to Events.asp. | ||||
| CVE-2008-6329 | 1 Preproject | 1 Pre Asp Job Board | 2026-04-23 | N/A |
| SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-0875 | 1 Mcrefer | 1 Mcrefer | 2026-04-23 | N/A |
| SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database | ||||
| CVE-2009-1024 | 1 Beerwin | 1 Phplinkadmin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote attackers to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors. | ||||
| CVE-2008-6050 | 2 Ircmaxell, Joomla | 2 Tech Article, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the item parameter to index.php. | ||||
| CVE-2008-2336 | 1 68 Classifieds | 1 68 Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in 68 Classifieds 4.0.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-6064 | 1 Domphp | 1 Domphp | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors. | ||||
| CVE-2008-5582 | 1 Nukedit | 1 Nukedit | 2026-04-23 | N/A |
| SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2009-0334 | 1 Katywhitton | 1 Blogit\! | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in Katy Whitton BlogIt! allows remote attackers to execute arbitrary SQL commands via the day parameter in an archive action. | ||||
| CVE-2008-6813 | 1 Surat Kabar | 1 Phpwebnews | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter. | ||||
| CVE-2008-2286 | 1 Symantec | 1 Altiris Deployment Solution | 2026-04-23 | N/A |
| SQL injection vulnerability in axengine.exe in Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 allows remote attackers to execute arbitrary SQL commands via unspecified string fields in a notification packet. | ||||