Export limit exceeded: 19355 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19355 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4157 | 1 Vastal | 1 Phpvid | 2026-04-23 | N/A |
| SQL injection vulnerability in groups.php in Vastal I-Tech phpVID 1.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter, a different vector than CVE-2007-3610. NOTE: it was later reported that 1.2.3 is also affected. | ||||
| CVE-2008-4159 | 1 Zanfi Solutions | 2 Jaw Portal, Zanfi Cms Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter. | ||||
| CVE-2008-4161 | 1 Assetman | 1 Assetman | 2026-04-23 | N/A |
| SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action. | ||||
| CVE-2008-4169 | 1 Iscripts | 1 Easyindex | 2026-04-23 | N/A |
| SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter. | ||||
| CVE-2008-4171 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-23 | N/A |
| SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||
| CVE-2008-4172 | 1 Rfaah | 1 Cars-vehicles Script | 2026-04-23 | N/A |
| SQL injection vulnerability in page.php in Cars & Vehicle (aka Cars-Vehicle Script) allows remote attackers to execute arbitrary SQL commands via the lnkid parameter. | ||||
| CVE-2008-4173 | 1 Proarcadescript | 1 Proarcadescript | 2026-04-23 | N/A |
| SQL injection vulnerability in ProArcadeScript 1.3 allows remote attackers to execute arbitrary SQL commands via the random parameter to the default URI. | ||||
| CVE-2008-4175 | 1 Linkbidscript | 1 Linkbidscript | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php. | ||||
| CVE-2009-4569 | 1 Elkagroup | 1 Image Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/. | ||||
| CVE-2008-1272 | 1 Bmscripts | 1 Bm Classifieds | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php. | ||||
| CVE-2009-1345 | 1 Cpcommerce | 1 Cpcommerce | 2026-04-23 | N/A |
| SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | ||||
| CVE-2009-1347 | 1 Chcounter | 1 Chcounter | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in stats/index.php in chCounter 3.1.3 allow remote attackers to execute arbitrary SQL commands via (1) the login_name parameter (aka the username field) or (2) the login_pw parameter (aka the password field). | ||||
| CVE-2008-2900 | 1 Phpauction | 1 Phpauction | 2026-04-23 | N/A |
| SQL injection vulnerability in item.php in PHPAuction 3.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2067 | 1 Minibb | 1 Minibb | 2026-04-23 | N/A |
| SQL injection vulnerability in bb_admin.php in miniBB 2.2a allows remote attackers to execute arbitrary SQL commands via the whatus parameter in a searchusers2 action. NOTE: it was later reported that other versions before 3.0.1 are also vulnerable. | ||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2007-1469 | 1 Xigla | 1 Absolute Image Gallery Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action. | ||||
| CVE-2008-6640 | 1 Aspindir | 1 Batmanportal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-2130 | 1 Igaming | 1 Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-1945 | 1 Tzo | 1 Webcal | 2026-04-23 | N/A |
| SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter. | ||||
| CVE-2008-2844 | 1 Carscripts | 1 Carscripts Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Carscripts Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||