Export limit exceeded: 19303 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19303 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3528 | 1 Al4us | 1 Mymsg | 2026-04-23 | N/A |
| SQL injection vulnerability in Profile.php in MyMsg 1.0.3 allows remote authenticated users to execute arbitrary SQL commands via the uid parameter in a show action. | ||||
| CVE-2008-6237 | 1 Scripts-for-sites | 1 Hotscripts-like Site | 2026-04-23 | N/A |
| SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0507 | 1 Wordpress | 1 Adserve | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in the AdServe 0.2 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-5311 | 1 Netart Media | 1 Blog System | 2026-04-23 | N/A |
| SQL injection vulnerability in image.php in NetArt Media Blog System 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2008-7085 | 1 Thehockeystop | 1 Hockeystats Online | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TheHockeyStop HockeySTATS Online 2.0 Basic and Advanced allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in the viewpage action to the default URI, probably index.php, or (2) divid parameter in the schedule action to index.php. | ||||
| CVE-2009-1651 | 1 2daybiz | 1 Business Community Script | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2008-6784 | 1 Scripts-for-sites | 1 Ez Adult Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Scripts For Sites (SFS) EZ Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-5486 | 1 Turnkeyforms | 1 Text Link Sales | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2902 | 1 Alstrasoft | 1 Askme Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: The que_id parameter to forum_answer.php is already covered by CVE-2007-4085. | ||||
| CVE-2009-0427 | 1 Dmxready | 1 Member Directory Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-4186 | 1 Webcms | 1 Webcms Portal Edition | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in webCMS Portal Edition allows remote attackers to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6188 | 1 Gforge | 1 Gforge | 2026-04-23 | N/A |
| SQL injection vulnerability in people/editprofile.php in Gforge 4.6 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the skill_edit[] parameter. | ||||
| CVE-2008-1464 | 1 Gallarific | 1 Gallarific | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Gallarific Free Edition 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) query parameter to (a) search.php; (2) gusername and (3) gpassword parameters to (b) login.php; and the (4) username and (5) password parameters to (c) gadmin/index.php in a signin action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6781 | 1 Scripts-for-sites | 1 Ez Gaming Directory | 2026-04-23 | N/A |
| SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-7083 | 1 Revou | 1 Micro Blogging Twitter Clone | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in ReVou Micro Blogging Twitter clone allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | ||||
| CVE-2009-4375 | 1 Alienvault | 1 Open Source Security Information Management | 2026-04-23 | N/A |
| SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary SQL commands via the id_document parameter. | ||||
| CVE-2006-5606 | 1 Bytesfall Explorer | 1 Bytesfall Explorer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors. | ||||
| CVE-2009-2777 | 1 Garagesalesjunkie | 1 Garagesales Script | 2026-04-23 | N/A |
| SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2008-2670 | 1 Insanelysimple2 | 1 Isblog | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Insanely Simple Blog 0.5 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter, or (2) the term parameter in a search action. NOTE: the current_subsection parameter is already covered by CVE-2007-3889. | ||||