Export limit exceeded: 19320 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19320 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2067 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable. | ||||
| CVE-2009-1259 | 1 Insanevisions | 1 Adaptbb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php. | ||||
| CVE-2009-1256 | 1 Flexcms | 1 Flexcms | 2026-04-23 | N/A |
| SQL injection vulnerability in FlexCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the ItemId parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1850 | 1 Benjamin Curtis | 1 Phpbugtracker | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2008-2853 | 1 Easy Webstore | 1 Easy Webstore | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Easy Webstore 1.2 allows remote attackers to execute arbitrary SQL commands via the cat_path parameter. | ||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2009-1804 | 1 Videoscript | 1 Youtube Video Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in VideoScript.us YouTube Video Script allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2008-2872 | 1 Aspindir | 1 Shibby Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in sHibby sHop 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sayfa parameter. | ||||
| CVE-2007-1469 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | ||||
| CVE-2009-1799 | 1 Sebastian-thiele | 1 St-gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php. | ||||
| CVE-2009-1818 | 1 Maxcms | 1 Maxcms | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote attackers to execute arbitrary SQL commands via an m_username cookie in an add action. | ||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1298 | 2 Kyantonius, Php-nuke | 2 Hadith Module, Hadith Module | 2026-04-23 | N/A |
| SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php. | ||||
| CVE-2008-6261 | 1 E-topbiz | 1 Admanager | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter. | ||||
| CVE-2008-6260 | 1 Ultrastats | 1 Ultrastats | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Ultrastats 0.2.144 and 0.3.11 allows remote attackers to execute arbitrary SQL commands via the serverid parameter. | ||||
| CVE-2008-6258 | 1 Quadcomm | 1 Q-shop | 2026-04-23 | N/A |
| SQL injection vulnerability in users.asp in QuadComm Q-Shop 3.0, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the (1) UserID and (2) Pwd parameters. NOTE: this might be related to CVE-2004-2108. | ||||
| CVE-2008-6257 | 1 Openasp | 1 Openasp | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module. | ||||
| CVE-2008-6256 | 1 Vbulletin | 1 Vbulletin | 2026-04-23 | N/A |
| SQL injection vulnerability in admincp/admincalendar.php in vBulletin 3.7.3.pl1 allows remote authenticated administrators to execute arbitrary SQL commands via the holidayinfo[recurring] parameter, a different vector than CVE-2005-3022. | ||||
| CVE-2008-6255 | 1 Vbulletin | 1 Vbulletin | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in vBulletin 3.7.4 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) answer parameter to admincp/verify.php, (2) extension parameter in an edit action to admincp/attachmentpermission.php, and the (3) iperm parameter to admincp/image.php. | ||||