Export limit exceeded: 356855 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19350 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3499 | 1 Bpowerhouse | 1 Bplawyercasedocuments | 2026-04-23 | N/A |
| SQL injection vulnerability in employee.aspx in BPowerHouse BPLawyerCaseDocuments 1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-3500 | 1 Bpowerhouse | 1 Bpgames | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php. | ||||
| CVE-2009-3502 | 1 Bpowerhouse | 1 Bpmusic | 2026-04-23 | N/A |
| SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote attackers to execute arbitrary SQL commands via the music_id parameter. | ||||
| CVE-2009-3503 | 1 Bpowerhouse | 1 Bpholidaylettings | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) rid and (2) tid parameters. | ||||
| CVE-2009-3504 | 1 Alibabaclone | 1 Alibaba Clone | 2026-04-23 | N/A |
| SQL injection vulnerability in offers_buy.php in Alibaba Clone 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3505 | 1 Vastal | 1 Mmorpg Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. NOTE: the game_id vector is already covered by CVE-2008-4460. | ||||
| CVE-2009-3510 | 1 Dataspheric | 1 Linkspheric | 2026-04-23 | N/A |
| SQL injection vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 allows remote attackers to execute arbitrary SQL commands via the listID parameter. | ||||
| CVE-2009-3514 | 1 Marcin Manek | 1 D.net Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in d.net CMS allow remote attackers to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in a news action to dnet_admin/index.php. | ||||
| CVE-2009-3528 | 1 Al4us | 1 Mymsg | 2026-04-23 | N/A |
| SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action. | ||||
| CVE-2009-3529 | 1 Radscripts | 1 Radbids | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RadScripts RadBids Gold 4 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a view_forum action, a different vector than CVE-2005-1074. | ||||
| CVE-2009-3531 | 1 Universe | 1 Universe Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in vnews.php in Universe CMS 1.0.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3532 | 2 Logrover, Microsoft | 2 Logrover, Windows | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.asp (aka the login screen) in LogRover 2.3 and 2.3.3 on Windows allow remote attackers to execute arbitrary SQL commands via the (1) uname and (2) pword parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3533 | 1 John Beranek | 1 Meeting Room Booking System | 2026-04-23 | N/A |
| SQL injection vulnerability in report.php in Meeting Room Booking System (MRBS) before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the typematch parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3543 | 1 Phenotype-cms | 1 Phenotype Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in _phenotype/admin/login.php in Phenotype CMS before 2.9 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the login name). | ||||
| CVE-2009-3595 | 1 Vspanel | 1 Vs Panel | 2026-04-23 | N/A |
| SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590. | ||||
| CVE-2009-3582 | 1 Sql-ledger | 1 Sql-ledger | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the delete subroutine in SQL-Ledger 2.8.24 allow remote authenticated users to execute arbitrary SQL commands via the (1) id and possibly (2) db parameters in a Delete action to the output of a Vendors>Reports>Search search operation. | ||||
| CVE-2009-3590 | 1 Vspanel | 1 Vs Panel | 2026-04-23 | N/A |
| SQL injection vulnerability in showcat.php in VS PANEL 7.3.6 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter. | ||||
| CVE-2009-3913 | 1 Xerox | 1 Fiery Webtools | 2026-04-23 | N/A |
| SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter. | ||||
| CVE-2009-3961 | 1 Jos De Ruijter | 1 Superseriousstats | 2026-04-23 | N/A |
| SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "incorrect regexp." NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3964 | 2 Joomla, Ninjaforge | 2 Joomla\!, Com Ninjamonials | 2026-04-23 | N/A |
| SQL injection vulnerability in the NinjaMonials (com_ninjacentral) component 1.1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the testimID parameter in a display action to index.php. | ||||