Export limit exceeded: 19305 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19305 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2008 | 1 Dokeos | 1 Dokeos | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Dokeos 1.8.5, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) uInfo parameter to main/tracking/userLog.php and the (2) course parameter to main/mySpace/lp_tracking.php, a different vector than CVE-2009-2006.2. | ||||
| CVE-2008-5921 | 1 Umerinc | 1 Songs Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in albums.php in Umer Inc Songs Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0520 | 1 Wordpress | 1 Wassup Plugin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php. | ||||
| CVE-2007-4835 | 1 Phpmyquote | 1 Phpmyquote | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpMyQuote 0.20 allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action. | ||||
| CVE-2008-5775 | 1 Apertoblog | 1 Apertoblog | 2026-04-23 | N/A |
| SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6429 | 2 Joomla, Mike Leeper | 2 Joomla, Com Prayercenter | 2026-04-23 | N/A |
| SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php. | ||||
| CVE-2009-2395 | 2 Joomla, Joomlaworks | 2 Joomla\!, Com K2 | 2026-04-23 | N/A |
| SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. | ||||
| CVE-2009-3752 | 1 Opial | 1 Opial | 2026-04-23 | N/A |
| SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter. | ||||
| CVE-2008-5772 | 1 Aspsiteware | 1 Realtylistings | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) iType parameter to type.asp and the (2) iPro parameter to detail.asp. | ||||
| CVE-2007-4714 | 1 Yvora | 1 Yvora | 2026-04-23 | N/A |
| SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-2184 | 1 Toocharger | 1 Smartblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in SMartBlog (aka SMBlog) 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) mois, (2) an, (3) jour, and (4) id parameters to index.php, and the (5) login parameter to gestion/logon.php, different vectors than CVE-2008-2183. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1362 | 1 Chcounter | 1 Chcounter | 2026-04-23 | N/A |
| SQL injection vulnerability in administration/index.php in chCounter 3.1.3 allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-1403 | 1 Creloaded | 1 Cre Loaded | 2026-04-23 | N/A |
| SQL injection vulnerability in product_info.php in CRE Loaded 6.2 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | ||||
| CVE-2008-1313 | 1 Bill Roberts | 1 Bloo | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors. | ||||
| CVE-2007-5646 | 1 Simple Machines | 1 Simple Machines Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php. | ||||
| CVE-2008-4328 | 1 Easyrealtorpro | 1 Easyrealtorpro | 2026-04-23 | N/A |
| SQL injection vulnerability in site_search.php in EasyRealtorPRO 2008 allows remote attackers to execute arbitrary SQL commands via the (1) item, (2) search_ordermethod, and (3) search_order parameters. | ||||
| CVE-2008-5928 | 1 Flds-script | 1 Flds | 2026-04-23 | N/A |
| SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3806 | 1 Dedecms | 1 Dedecms | 2026-04-23 | N/A |
| SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter. | ||||
| CVE-2009-3052 | 2 Absoluteanime, Phpbb | 2 Prime Quick Style, Phpbb | 2026-04-23 | N/A |
| SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the prime_quick_style parameter to ucp.php. | ||||
| CVE-2009-3042 | 1 Ocsinventory-ng | 1 Ocs Inventory Ng | 2026-04-23 | N/A |
| SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040. | ||||