Export limit exceeded: 356420 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19337 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1513 | 1 Danneo | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | ||||
| CVE-2008-1535 | 1 Matti Kiviharju | 1 Rekry Component | 2026-04-23 | N/A |
| SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php. | ||||
| CVE-2008-1539 | 1 Futurenuke | 1 Php Nuke Platinum | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | ||||
| CVE-2008-1540 | 2 Joomla, Mambo | 2 Datsogallery, Datsogallery | 2026-04-23 | N/A |
| SQL injection vulnerability in the Datsogallery (com_datsogallery) 1.3.1 module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1613 | 1 Reddot | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48, and possibly other versions including 6.5 and 7.0, allows remote attackers to execute arbitrary SQL commands via the LngId parameter. | ||||
| CVE-2008-1549 | 1 Aeries | 1 Aeries Student Information System | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 in Eagle Software Aries Student Information System allow remote attackers to execute arbitrary SQL commands via the (1) GrdBk parameter to GradebookOptions.asp and the (2) SchlCode variable to loginproc.asp, a different vector than CVE-2008-0942. | ||||
| CVE-2008-1551 | 1 Runcms | 2 Photo Module, Runcms | 2026-04-23 | N/A |
| SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-1554 | 1 Topper | 1 Toppermod | 2026-04-23 | N/A |
| SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism. | ||||
| CVE-2008-1559 | 2 Bernard Gilly, Joomla | 2 Com Alphacontent, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the Bernard Gilly AlphaContent (com_alphacontent) 2.5.8 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php. | ||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2026-04-23 | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | ||||
| CVE-2008-2125 | 1 Musicbox | 1 Musicbox | 2026-04-23 | N/A |
| SQL injection vulnerability in viewalbums.php in Musicbox 2.3.6 and 2.3.7 allows remote attackers to execute arbitrary SQL commands via the artistId parameter. | ||||
| CVE-2008-2129 | 1 Cine | 1 Galleristic | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Galleristic 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-2132 | 1 Systementor | 1 Postcardmentor | 2026-04-23 | N/A |
| SQL injection vulnerability in step1.asp in Systementor PostcardMentor allows remote attackers to execute arbitrary SQL commands via the cat_fldAuto parameter. | ||||
| CVE-2008-2135 | 1 Visualshapers | 1 Ezcontents | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in VisualShapers ezContents 2.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) contentname parameter to showdetails.php and the (2) article parameter to printer.php. | ||||
| CVE-2008-2189 | 1 Anserv | 1 Auction Xl | 2026-04-23 | N/A |
| SQL injection vulnerability in viewfaqs.php in AnServ Auction XL allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-2175 | 1 Gamma Scripts | 1 Blogme Php | 2026-04-23 | N/A |
| SQL injection vulnerability in comments.php in Gamma Scripts BlogMe PHP 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2177 | 1 Php Directory Source | 1 Phpdirectorysource | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpDirectorySource 1.1.06, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to show.php and the (2) login parameter to admin.php. | ||||
| CVE-2008-2180 | 1 Cplinks | 1 Cplinks | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_category parameters to search.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-2183 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SMartBlog (aka SMBlog) 1.3 allows remote attackers to execute arbitrary SQL commands via the idt parameter. | ||||
| CVE-2008-2184 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||