Export limit exceeded: 19348 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19348 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6686 | 2 Jan Bednarik, Typo3 | 2 Cooluri, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in CoolURI (cooluri) 1.0.11 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-6095 | 1 Dotnetindex | 1 Active News Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments.asp vectors are already covered by CVE-2006-6094. | ||||
| CVE-2008-6692 | 2 Fr.simon Rundell, Typo3 | 2 Pd Trainingcourses, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-2816 | 1 O2php | 1 Oxygen | 2026-04-23 | N/A |
| SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572. | ||||
| CVE-2007-2803 | 1 Vizayn Urun | 1 Tanitim Sitesi | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action. | ||||
| CVE-2008-6678 | 1 Quickersite | 1 Quickersite | 2026-04-23 | N/A |
| SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp. | ||||
| CVE-2008-2793 | 1 Clip-share | 1 Clipshare | 2026-04-23 | N/A |
| SQL injection vulnerability in group_posts.php in ClipShare before 3.0.1 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | ||||
| CVE-2008-2815 | 1 Mymarket | 1 Mymarket | 2026-04-23 | N/A |
| SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6649 | 1 Ktools | 1 Photostore | 2026-04-23 | N/A |
| SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6075 | 1 Rasihbahar | 1 Bahar Download Script | 2026-04-23 | N/A |
| SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 allows remote attackers to execute arbitrary SQL commands via the kid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2835 | 1 Igsuite | 1 Igsuite | 2026-04-23 | N/A |
| SQL injection vulnerability in cgi-bin/igsuite in IGSuite 3.2.4 allows remote attackers to execute arbitrary SQL commands via the formid parameter. | ||||
| CVE-2008-3355 | 1 Camera Life | 1 Camera Life | 2026-04-23 | N/A |
| SQL injection vulnerability in sitemap.xml.php in Camera Life 2.6.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a photos action. | ||||
| CVE-2007-3447 | 1 Bugmall | 1 Shopping Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in BugMall Shopping Cart 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the "basic search box." NOTE: 4.0.2 and other versions might also be affected. | ||||
| CVE-2007-1962 | 1 Xoops | 2 Wf-snippets, Xoops | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action. | ||||
| CVE-2007-1920 | 1 Smodbip | 1 Smodbip | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php. | ||||
| CVE-2008-3374 | 1 Gregarius | 1 Gregarius | 2026-04-23 | N/A |
| SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and earlier allows remote attackers to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action. | ||||
| CVE-2007-1897 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in xmlrpc (xmlrpc.php) in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the post_id variable. | ||||
| CVE-2008-3372 | 1 Greatclone | 1 Getacoder Clone | 2026-04-23 | N/A |
| SQL injection vulnerability in search_form.php in Getacoder Clone allows remote attackers to execute arbitrary SQL commands via the sb_protype parameter. | ||||
| CVE-2009-2545 | 1 Anelectron | 1 Advanced Electron Forum | 2026-04-23 | N/A |
| SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6917 | 1 Exoscripts | 1 Exophpdesk | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | ||||