Export limit exceeded: 19302 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19302 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6784 1 Scripts-for-sites 1 Ez Adult Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2009-1066 1 Getpixie 1 Pixie Cms 2026-04-23 N/A
SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request.
CVE-2009-1499 1 Joomla 2 Com Mailto, Joomla\! 2026-04-23 N/A
SQL injection vulnerability in the MailTo (aka com_mailto) component in Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in index.php. NOTE: SecurityFocus states that this issue has been disputed by the vendor.
CVE-2009-1247 1 Acutecp.rediscussed 1 Acutecp 2026-04-23 N/A
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-1049 1 Kamads 1 Bloginator 2026-04-23 N/A
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-5371 1 Modxcms 1 Modxcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.
CVE-2008-4889 1 Dev\!l\'s 1 Clanportal 2026-04-23 N/A
SQL injection vulnerability in index.php in deV!L'z Clanportal (DZCP) 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action.
CVE-2009-0531 1 Ontarioabandonedplaces 1 A Better Member-based Asp Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in gallery/view.asp in A Better Member-Based ASP Photo Gallery before 1.2 allows remote attackers to execute arbitrary SQL commands via the entry parameter.
CVE-2008-5874 2 Joomla, Joomlahbs 4 Joomla, Com 5starhotels, Com Allhotels and 1 more 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote attackers to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels module. NOTE: some of these details are obtained from third party information.
CVE-2009-0528 1 Rhadrix 1 If-cms 2026-04-23 N/A
SQL injection vulnerability in frame.php in Rhadrix If-CMS 2.07 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1632 1 Emedia Office Gmbh 1 Cuteflow 2026-04-23 N/A
Multiple SQL injection vulnerabilities in CuteFlow 2.10.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) listid parameter to pages/editmailinglist_step1.php, the (2) userid parameter to pages/edituser.php, the (3) fieldid parameter to pages/editfield.php, and the (4) templateid to pages/edittemplate_step1.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0340 1 Typo3 2 Mjseventpro, Typo3 2026-04-23 N/A
SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3027 1 Vangogh Web Cms 1 Vangogh Web Cms 2026-04-23 N/A
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
CVE-2009-0516 1 Businessspace 1 Businessspace 2026-04-23 N/A
SQL injection vulnerability in the classified page (classified.php) in BusinessSpace 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-0494 2 Joomla, Mivaco 2 Joomla, Com Portfol 2026-04-23 N/A
SQL injection vulnerability in the Portfol (com_portfol) 1.2 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the vcatid parameter in a viewcategory action to index.php.
CVE-2008-0253 1 Binn 1 Sbuilder 2026-04-23 N/A
SQL injection vulnerability in full_text.php in Binn SBuilder allows remote attackers to execute arbitrary SQL commands via the nid parameter.
CVE-2008-6802 1 Phpexplorer 1 Phphotogallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3118 1 Phpmotion 1 Phpmotion 2026-04-23 N/A
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
CVE-2007-4552 1 Agares Media 1 Arcadem 2026-04-23 N/A
SQL injection vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary SQL commands via the blockpage parameter. NOTE: as of 20070827, the vendor has made conflicting statements regarding whether this issue exists or not.
CVE-2008-3038 1 Typo3 1 Address Directory 2026-04-23 N/A
SQL injection vulnerability in the Address Directory (sp_directory) extension 0.2.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.