Export limit exceeded: 366624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366624 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 19851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4889 2 Basti2web, Php-fusion 2 Book Panel, Php-fusion 2025-04-11 N/A
SQL injection vulnerability in books.php in the Book Panel (book_panel) module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the bookid parameter.
CVE-2009-4892 1 Webjump 1 Webjump\! 2025-04-11 N/A
SQL injection vulnerability in Content Management System WEBjump! allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) portfolio_genre.php and (2) news_id.php.
CVE-2009-4992 1 Script-shop24 1 Lm Starmail Paidmail 2025-04-11 N/A
SQL injection vulnerability in paidbanner.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2011-4811 1 Bst 1 Bestshoppro 2025-04-11 N/A
SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter.
CVE-2012-4772 1 Intelliants 1 Subrion Cms 2025-04-11 N/A
SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 allows remote attackers to execute arbitrary SQL commands via the plan_id parameter.
CVE-2010-0454 1 Fabricadigital 1 Publique\! 2025-04-11 N/A
SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publique! 2.3 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2012-0226 1 Invensys 1 Wonderware Information Server 2025-04-11 N/A
SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-4686 1 Vbulletin 1 Vbulletin 2025-04-11 N/A
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.
CVE-2009-4933 1 Winterwebs 1 Ezwebitor 2025-04-11 N/A
Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from third party information.
CVE-2011-0519 1 Gallarific 1 Php Photo Gallery Script 2025-04-11 N/A
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-3953 1 Phplist 1 Phplist 2025-04-11 N/A
SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
CVE-2010-0981 2 Joomla, Templateplazza 2 Joomla\!, Com Tpjobs 2025-04-11 N/A
SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id_c[] parameter in a resadvsearch action to index.php.
CVE-2010-0980 1 Mitchell Sleeper 1 L4d Stats 2025-04-11 N/A
SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to execute arbitrary SQL commands via the steamid parameter.
CVE-2011-0443 1 Tinybb 1 Tinybb 2025-04-11 N/A
SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action to index.php. NOTE: some of these details are obtained from third party information.
CVE-2012-0337 1 Cisco 1 Unified Meetingplace 2025-04-11 N/A
SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtx08939.
CVE-2009-4935 1 Esoftpro 1 Online Guestbook Pro 2025-04-11 N/A
SQL injection vulnerability in ogp_show.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter.
CVE-2009-4938 2 Joomla, Warphd 2 Joomla\!, Com Jvideo 2025-04-11 N/A
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.
CVE-2010-5103 1 Typo3 1 Typo3 2025-04-11 N/A
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
CVE-2014-1204 1 Tableausoftware 1 Tableau Server 2025-04-11 N/A
SQL injection vulnerability in Tableau Server 8.0.x before 8.0.7 and 8.1.x before 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
CVE-2010-0973 1 Scripteverkauf 1 Domain Verkaus And Auktions Portal 2025-04-11 N/A
SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.