Export limit exceeded: 19319 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19319 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3713 | 1 Morcego | 1 Morcegocms | 2026-04-23 | N/A |
| SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and earlier allows remote attackers to execute arbitrary SQL commands via the query string. | ||||
| CVE-2009-3718 | 1 Davethewebguy | 1 Battle Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/authenticate.asp in Battle Blog 1.25 and 1.30 build 2 allows remote attackers to execute arbitrary SQL commands via the UserName parameter. | ||||
| CVE-2009-3750 | 1 Santostefano Giovanni | 1 Toylog | 2026-04-23 | N/A |
| SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter. | ||||
| CVE-2009-3752 | 1 Opial | 1 Opial | 2026-04-23 | N/A |
| SQL injection vulnerability in home.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the genres_parent parameter. | ||||
| CVE-2009-3754 | 1 Kreotek | 1 Phpbms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to modules/bms/invoices_discount_ajax.php, (2) f parameter to dbgraphic.php, and (3) tid parameter in a show action to advancedsearch.php. | ||||
| CVE-2009-3758 | 1 Citrix | 1 Xencenterweb | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-3788 | 1 Opendocman | 1 Opendocman | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmuser (aka Username) parameter. | ||||
| CVE-2008-4573 | 1 Aspindir | 1 Munzursoft Web Portal W3 | 2026-04-23 | N/A |
| SQL injection vulnerability in kategori.asp in MunzurSoft Wep Portal W3 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | ||||
| CVE-2009-3804 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter. | ||||
| CVE-2009-3813 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php. | ||||
| CVE-2009-3835 | 2 Joomla, Whorl Ltd | 2 Joomla, Jshop | 2026-04-23 | N/A |
| SQL injection vulnerability in the JShop (com_jshop) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a product action to index.php. | ||||
| CVE-2009-3834 | 2 Joomla, Webguerilla | 2 Joomla, Com Photoblog | 2026-04-23 | N/A |
| SQL injection vulnerability in the Photoblog (com_photoblog) component alpha 3 and alpha 3a for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in a blogs action to index.php. | ||||
| CVE-2008-4570 | 1 Real-estate-scripts | 1 Real-estate-scripts | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2008-4569 | 1 Xigla | 1 Absolute Poll Manager Xe | 2026-04-23 | N/A |
| SQL injection vulnerability in xlacomments.asp in XIGLA Software Absolute Poll Manager XE 4.1 allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2008-3965 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field. | ||||
| CVE-2008-3955 | 1 Masir Camp | 1 E-shop Module | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Masir Camp E-Shop Module 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ordercode parameter in a veiworderstatus page. | ||||
| CVE-2006-7025 | 1 Sangwan Kim | 1 Bookmark4u | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter. | ||||
| CVE-2008-3954 | 1 Alstrasoft | 1 Forum Pay Per Post Exchange | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showcat action. | ||||
| CVE-2008-3953 | 1 Vastal | 1 Shaadi Zone | 2026-04-23 | N/A |
| SQL injection vulnerability in keyword_search_action.php in Vastal I-Tech Shaadi Zone 1.0.9 allows remote attackers to execute arbitrary SQL commands via the tage parameter. | ||||
| CVE-2008-2968 | 1 Yektaweb | 1 Academic Web Tools | 2026-04-23 | N/A |
| SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | ||||