Export limit exceeded: 350825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 350825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 350825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (19000 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2010-4844 1 Mhproducts 1 Easy Online Shop 2025-04-11 N/A
SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers to execute arbitrary SQL commands via the kat parameter.
CVE-2010-4845 1 Mhproducts 1 Projekt Shop 2025-04-11 N/A
Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute arbitrary SQL commands via the (1) ts parameter to details.php and possibly the (2) ilceler parameter to index.php.
CVE-2010-1949 2 Emultisoft, Joomla 2 Com Jnewspaper, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-4846 1 Mhproducts 1 Pay Pal Shop Digital 2025-04-11 N/A
SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-4847 1 Mhproducts 1 Mhp Downloadshop 2025-04-11 N/A
SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2010-4842 1 Mhproducts 1 Download Center 2025-04-11 N/A
SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-4849 1 Alibabaclone 1 Alibaba Clone B2b 2025-04-11 N/A
SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B 3.4 allows remote attackers to execute arbitrary SQL commands via the es_id parameter.
CVE-2010-4851 1 Eclime 1 Eclime 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to create_account.php.
CVE-2010-1701 1 Rocky.nu 1 Php Video Battle Script 2025-04-11 N/A
SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2010-1661 1 Jcink 1 Php-quick-arcade 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php.
CVE-2010-1660 1 Clscript 1 Clscript Classifieds Script 2025-04-11 N/A
SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attackers to execute arbitrary SQL commands via the hpId parameter.
CVE-2010-4853 2 Chillcreations, Joomla 2 Com Ccinvoices, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewInv action to index.php.
CVE-2009-4015 1 Debian 1 Lintian 2025-04-11 N/A
Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allows remote attackers to execute arbitrary commands via shell metacharacters in filename arguments.
CVE-2010-4854 1 Zuitu 1 Zuitu 2025-04-11 N/A
SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a consume action.
CVE-2010-1656 1 Airiny 1 Com Abc 2025-04-11 N/A
SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the sectionid parameter in an abc action to index.php.
CVE-2010-1654 1 Instantrankingseo 1 Infocus Real Estate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2010-1615 1 Moodle 1 Moodle 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) "data validation in some forms elements" related to lib/form/selectgroups.php.
CVE-2010-4855 1 Aspindir 1 Xweblog 2025-04-11 N/A
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
CVE-2010-4752 1 Lightneasy 1 Lightneasy 2025-04-11 N/A
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter, a different vector than CVE-2008-6593, CVE-2010-3484, and CVE-2010-3485. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1071 1 Phpmdj 1 Phpmdj 2025-04-11 N/A
SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.