Search Results (19319 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6753 1 Silverstripe 1 Silverstripe 2026-04-23 N/A
SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField.
CVE-2008-0607 3 Joomla, Mambo, Sigsiu.net 3 Com Sobi2, Com Sobi2, Sobi2 2026-04-23 N/A
SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0616 1 Dmsguestbook Project 1 Dmsguestbook 2026-04-23 N/A
SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVE-2008-4159 1 Zanfi Solutions 2 Jaw Portal, Zanfi Cms Lite 2026-04-23 N/A
SQL injection vulnerability in index.php in Jaw Portal and Zanfi CMS lite and allows remote attackers to execute arbitrary SQL commands via the page (pageid) parameter.
CVE-2008-4161 1 Assetman 1 Assetman 2026-04-23 N/A
SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action.
CVE-2008-0651 1 Pedro Santana Codice 1 Cms 2026-04-23 N/A
SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0675 1 The Everything Development Company 1 The Everything Development Engine 2026-04-23 N/A
SQL injection vulnerability in cms/index.pl in The Everything Development Engine in The Everything Development System Pre-1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the node_id parameter.
CVE-2008-0677 1 A-blog 1 A-blog 2026-04-23 N/A
SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action.
CVE-2008-0678 1 Blogphp 1 Blogphp 2026-04-23 N/A
SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a page action.
CVE-2008-4177 1 Preprojects 1 Pre Real Estate Listings 2026-04-23 N/A
SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the c parameter.
CVE-2007-6538 2 Moodle, Mrbs 2 Moodle, Mrbs 2026-04-23 N/A
SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6782 1 Scripts-for-sites 1 Ez Hosting Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-0770 1 Ibproarcade 1 Ibproarcade 2026-04-23 N/A
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the g_display_order cookie parameter.
CVE-2008-0771 1 Site2nite 1 Real Estate Web 2026-04-23 N/A
Multiple SQL injection vulnerabilities in default.asp in Site2Nite allow remote attackers to execute arbitrary SQL commands via the (1) txtUserName and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-0772 2 Joomla, Mambo 2 Com Doc, Com Doc 2026-04-23 N/A
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.
CVE-2008-0773 3 Joomla, Mambo, Phil Taylor 4 Com Comments, Com Comments, Comments and 1 more 2026-04-23 N/A
SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6783 1 Scripts-for-sites 1 Ez Home Business Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-0785 1 Cacti 1 Cacti 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.php, (3) local_graph_id parameter to graph_xport.php, and (4) login_username parameter to index.php/login.
CVE-2008-0835 1 Simple Cms 1 Simple Cms 2026-04-23 N/A
SQL injection vulnerability in indexen.php in Simple CMS 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the area parameter.
CVE-2008-6794 1 Sfs Ez Pub 1 Fsf Ex Pub 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Pub Site allows remote attackers to execute arbitrary SQL commands via the cat parameter.