Export limit exceeded: 19304 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19304 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6525 | 1 Nicephpscripts | 1 Nice Php Faq Script | 2026-04-23 | N/A |
| SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field). | ||||
| CVE-2007-5131 | 1 Interspire | 1 Activekb Nx | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to execute arbitrary SQL commands via the catId parameter in a browse action. NOTE: it was separately reported that ActiveKB 1.5 is also affected. | ||||
| CVE-2009-1799 | 1 Sebastian-thiele | 1 St-gallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parameter to example.php. | ||||
| CVE-2009-1584 | 1 R020 | 1 Tematres | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php. | ||||
| CVE-2008-6257 | 1 Openasp | 1 Openasp | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Openasp 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idpage parameter in the pages module. | ||||
| CVE-2008-6485 | 1 Softcomplex | 1 Php Image Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter. | ||||
| CVE-2008-6285 | 1 Businessvein | 1 Php Tv Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP TV Portal 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2007-4953 | 1 Simpcms | 1 Simpcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action. | ||||
| CVE-2008-6104 | 1 A4desk | 1 A4desk Flash Event Calendar | 2026-04-23 | N/A |
| SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php. | ||||
| CVE-2008-6749 | 1 China-on-site | 1 Flexphpdirectory | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters. | ||||
| CVE-2007-5308 | 1 Php Homepage M | 1 Php Homepage M | 2026-04-23 | N/A |
| SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | ||||
| CVE-2009-0883 | 1 Amunak | 1 Blue Eye Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in Blue Eye CMS 1.0.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the BlueEyeCMS_login cookie parameter. | ||||
| CVE-2008-6301 | 2 Phpbb, Prezmo | 2 Phpbb, Small Shoutbox | 2026-04-23 | N/A |
| SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action. | ||||
| CVE-2008-0543 | 1 Pre Projects | 1 Pre Dynamic Institution | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1317 | 1 Aquacms | 1 Aqua Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userSID cookie parameter to droplets/functions/base.php and the (2) username parameter to admin/index.php. | ||||
| CVE-2009-1316 | 1 Abk-soft | 1 Ablespace | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_view.php. | ||||
| CVE-2009-0740 | 1 Frankmancuso | 1 Bluebird | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in BlueBird Prelease allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters. | ||||
| CVE-2008-6111 | 1 Netart Media | 1 Vlog System | 2026-04-23 | N/A |
| SQL injection vulnerability in blog.php in NetArt Media Vlog System 1.1 allows remote attackers to execute arbitrary SQL commands via the note parameter. | ||||
| CVE-2008-2790 | 1 Mountaingrafix | 1 Easytrade | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2796 | 1 Freecms.us | 1 Freecms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||