Export limit exceeded: 357188 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19356 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1245 | 1 Cccp-common-clan-portal-pasterbin | 1 Cccp Pastebin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1247 | 1 Acutecp.rediscussed | 1 Acutecp | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-1258 | 2 Joomla, Rd-media | 2 Joomla, Com Rdautos | 2026-04-23 | N/A |
| SQL injection vulnerability in the RD-Autos (com_rdautos) component 1.5.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the makeid parameter in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1263 | 2 Alikonweb, Joomla | 2 Com Bookjoomlas, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php. | ||||
| CVE-2009-1282 | 1 Glfusion | 1 Glfusion | 2026-04-23 | N/A |
| SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. | ||||
| CVE-2009-1316 | 1 Abk-soft | 1 Ablespace | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php. | ||||
| CVE-2009-1317 | 1 Aquacms | 1 Aqua Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userSID cookie parameter to droplets/functions/base.php and the (2) username parameter to admin/index.php. | ||||
| CVE-2009-1323 | 1 Webfileexplorer | 1 Web File Explorer | 2026-04-23 | N/A |
| SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1346 | 1 Interguias | 1 Nethoteles | 2026-04-23 | N/A |
| SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter. | ||||
| CVE-2009-1362 | 1 Chcounter | 1 Chcounter | 2026-04-23 | N/A |
| SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1403 | 1 Creloaded | 1 Cre Loaded | 2026-04-23 | N/A |
| SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | ||||
| CVE-2009-1404 | 1 Pastel | 1 Pastelcms | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user (Username) parameter. | ||||
| CVE-2009-1409 | 1 E107 | 1 E107 | 2026-04-23 | N/A |
| SQL injection vulnerability in usersettings.php in e107 0.7.15 and earlier, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hide parameter, a different vector than CVE-2005-4224 and CVE-2008-5320. | ||||
| CVE-2009-1410 | 1 Opensolution | 1 Quick.cms.lite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Quick.Cms.Lite 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1411 | 1 Neocrome | 1 Seditio | 2026-04-23 | N/A |
| SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php. | ||||
| CVE-2009-1731 | 1 Mlffat | 1 Mlffat | 2026-04-23 | N/A |
| SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie. | ||||
| CVE-2009-1734 | 1 Omnisoftsol | 1 Vidsharepro | 2026-04-23 | N/A |
| SQL injection vulnerability in listing_video.php in VidSharePro allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2009-1736 | 1 Joomla | 2 Com Gsticketsystem, Joomla\! | 2026-04-23 | N/A |
| SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php. | ||||
| CVE-2009-1741 | 1 Dutchmonkey | 1 Dm Filemanager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. | ||||
| CVE-2009-1742 | 1 Pc4arb | 1 Pc4 Uploader | 2026-04-23 | N/A |
| code.php in PC4Arb Pc4 Uploader 9.0 and earlier makes it easier for remote attackers to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON" string, which is collapsed into "UNION" by the filter_sql function. | ||||