Export limit exceeded: 19368 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19368 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-4883 | 1 Yourfreeworld | 1 Blog Blaster Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Blog Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4884 | 1 Yourfreeworld | 1 Classifieds Hosting Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4885 | 1 Yourfreeworld | 1 Scrolling Text Ads Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4886 | 1 Yourfreeworld | 1 Shopping Cart Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in YourFreeWorld Shopping Cart Script allows remote attackers to execute arbitrary SQL commands via the c parameter. | ||||
| CVE-2008-4887 | 1 Netrisk | 1 Netrisk | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4890 | 1 1st News | 1 4 Professional | 2026-04-23 | N/A |
| SQL injection vulnerability in products.php in 1st News 4 Professional (PR 1) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4895 | 1 Yourfreeworld | 1 Downline Builder Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4897 | 1 Logz | 1 Logz | 2026-04-23 | N/A |
| SQL injection vulnerability in fichiers/add_url.php in Logz podcast CMS 1.3.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the art parameter. | ||||
| CVE-2008-4900 | 1 Yourfreeworld | 1 Classifieds Blaster Script | 2026-04-23 | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Blaster Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-4901 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/admin.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-4902 | 1 Scripts Frenzy | 1 Article Publisher Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in contact_author.php in Article Publisher Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | ||||
| CVE-2008-4904 | 1 Typosphere | 1 Typo | 2026-04-23 | N/A |
| SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter. | ||||
| CVE-2008-4912 | 1 Rs Maxsoft | 2 Fotogalerie, Rs Maxsoft | 2026-04-23 | N/A |
| SQL injection vulnerability in popup_img.php in the fotogalerie module in RS MAXSOFT allows remote attackers to execute arbitrary SQL commands via the fotoID parameter. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||
| CVE-2008-5496 | 1 Pozscripts | 1 Business Directory Script | 2026-04-23 | N/A |
| SQL injection vulnerability in showcategory.php in PozScripts Business Directory Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-5559 | 1 Dazzlindonna | 1 Postecards | 2026-04-23 | N/A |
| SQL injection vulnerability in sendcard.cfm in PostEcards allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-5573 | 1 Adcomplete | 1 Poll Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in the login feature in Poll Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) Password and (2) username parameters. | ||||
| CVE-2008-5574 | 1 Unscripts | 1 Webmaster Marketplace | 2026-04-23 | N/A |
| SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter. | ||||
| CVE-2008-5578 | 1 Scssboard | 1 Scssboard | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values. | ||||
| CVE-2008-5582 | 1 Nukedit | 1 Nukedit | 2026-04-23 | N/A |
| SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | ||||
| CVE-2008-5586 | 1 Check Up | 1 Check New | 2026-04-23 | N/A |
| SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||