Export limit exceeded: 19834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19834 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4784 2 Joaktree, Joomla 2 Com Joaktree, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in the Joaktree (com_joaktree) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the treeId parameter to index.php.
CVE-2009-4884 1 Bernhard Frohlich 1 Phpcom 2025-04-11 N/A
Multiple SQL injection vulnerabilities in phpCommunity 2 2.1.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter in a forum action to index.php, (2) the topic_id parameter in a forum action to index.php, (3) the wert parameter in an id search action to index.php, (4) the wert parameter in a nick search action to index.php, or (5) the wert parameter in a forum search action to index.php, related to class_forum.php and class_search.php.
CVE-2009-4940 1 Zeuscart 1 Zeuscart 2025-04-11 N/A
SQL injection vulnerability in index.php in Zeus Cart 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the maincatid parameter in a showmaincatlanding action.
CVE-2009-5003 1 E-soft24 1 Banner Exchange Script 2025-04-11 N/A
SQL injection vulnerability in click.php in e-soft24 Banner Exchange Script 1.0 allows remote attackers to execute arbitrary SQL commands via the targetid parameter.
CVE-2010-2438 1 Laubrotel 1 G.cms Generator 2025-04-11 N/A
SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php.
CVE-2010-1583 2 Taskfreak, Tirzen 2 Taskfreak\!, Tirzen Framework 2025-04-11 N/A
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
CVE-2010-0764 1 Kuwaitphp 1 Esmile 2025-04-11 N/A
SQL injection vulnerability in index.php in KuwaitPHP eSmile allows remote attackers to execute arbitrary SQL commands via the cid parameter in a show action.
CVE-2010-1600 2 Joomla, Thefactory 2 Joomla\!, Com Mediamall 2025-04-11 N/A
SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter to index.php.
CVE-2010-2855 1 Jared Meeker 1 Event Horizon 2025-04-11 N/A
Multiple SQL injection vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) YourEmail and (2) VerificationNumber parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1654 1 Instantrankingseo 1 Infocus Real Estate 2025-04-11 N/A
Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise Edition allow remote attackers to execute arbitrary SQL commands via the (1) username (aka login) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2010-1661 1 Jcink 1 Php-quick-arcade 2025-04-11 N/A
Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to execute arbitrary SQL commands via the (1) phpqa_user_c parameter to Arcade.php and the (2) id parameter to acpmoderate.php.
CVE-2011-5076 1 Hudong 1 Hdwiki 2025-04-11 N/A
SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.
CVE-2010-5004 1 2daybiz 1 Polls Script 2025-04-11 N/A
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2010-4999 1 Esoftpro 1 Online Photo Pro 2025-04-11 N/A
SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the section parameter.
CVE-2010-4996 1 Esoftpro 1 Online Guestbook Pro 2025-04-11 N/A
SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2010-1704 1 2daybiz 1 Polls Script 2025-04-11 N/A
Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information.
CVE-2010-4989 1 Farsi-cms 1 Ziggurat Farsi Cms 2025-04-11 N/A
SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arbitrary SQL commands via the grp parameter.
CVE-2010-1708 1 Freerealty.rwcinc 1 Free Realty 2025-04-11 N/A
Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to execute arbitrary SQL commands via the (1) login field (aka agentname parameter) or (2) password field (aka agentpassword parameter).
CVE-2010-4986 1 Cafuego 1 Simple Document Management System 2025-04-11 N/A
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
CVE-2010-4954 1 Gambio 1 Xt\ 2025-04-11 N/A
SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter.