Export limit exceeded: 19851 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19851 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4794 1 Community Cms 1 Community Cms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
CVE-2011-5112 2 Blueflyingfish, Joomla 2 Com Alameda, Joomla\! 2025-04-11 N/A
SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the storeid parameter to index.php.
CVE-2014-1401 1 Auracms 1 Auracms 2025-04-11 N/A
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php.
CVE-2009-4838 1 Secureideas 1 Basic Analysis And Security Engine 2025-04-11 N/A
SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information.
CVE-2011-5110 1 John Geo 1 Blogs Manager 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to execute arbitrary SQL commands via the SearchField parameter in a search action to (1) _authors_list.php, (2) _blogs_list.php, (3) _category_list.php, (4) _comments_list.php, (5) _policy_list.php, (6) _rate_list.php, (7) categoriesblogs_list.php, (8) chosen_authors_list.php, (9) chosen_blogs_list.php, (10) chosen_comments_list.php, and (11) help_list.php in blogs/.
CVE-2010-0381 1 Phpmyspace 1 Phpmyspace 2025-04-11 N/A
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a show_stats action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0762 1 Commodityrentals 1 Cd Rental Software 2025-04-11 N/A
SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a catalog action.
CVE-2010-4143 1 Phpcheckz 1 Phpcheckz 2025-04-11 N/A
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-4144 1 Aspindir 1 Kisisel Radyo Script 2025-04-11 N/A
SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute arbitrary SQL commands via the Id parameter.
CVE-2010-4147 1 Avactis 1 Avactis Shopping Cart 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header to (1) index.php and (2) product-list.php.
CVE-2010-0798 2 Snowflake, Typo3 2 T3blog, Typo3 2025-04-11 N/A
SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1019 2 Sk-typo3, Typo3 2 Sk Simplegallery, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-4151 1 Deluxebb 1 Deluxebb 2025-04-11 N/A
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.
CVE-2010-1017 2 Laurent Foulloy, Typo3 2 Sav Filter Months, Typo3 2025-04-11 N/A
SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0954 1 Preprojects 1 Pre E-learning Portal 2025-04-11 N/A
SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote attackers to execute arbitrary SQL commands via the course_ID parameter.
CVE-2010-0970 1 Jorik Berkepas 1 Phpmylogon 2025-04-11 N/A
SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
CVE-2010-0964 1 Media-products 1 Eros Webkatalog 2025-04-11 N/A
SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbitrary SQL commands via the id parameter in a rubrik action.
CVE-2010-0955 1 Media-products 1 Bild Flirt Community 2025-04-11 N/A
SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2010-0952 1 Insanevisions 1 Onecms 2025-04-11 N/A
SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the user parameter in an elite action.
CVE-2012-2363 1 Moodle 1 Moodle 2025-04-11 N/A
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x before 1.9.18 allows remote authenticated users to execute arbitrary SQL commands via a crafted calendar event.