Export limit exceeded: 19295 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (19295 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4200 2 Joomla, Vollmar 2 Joomla\!, Com Seminar 2026-04-23 N/A
SQL injection vulnerability in the Seminar (com_seminar) component 1.28 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a View_seminar action to index.php.
CVE-2009-2607 2 Joomla, Pinme 2 Joomla, Com Pinboard 2026-04-23 N/A
SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php.
CVE-2008-5637 1 Parsblogger 1 Parsblogger 2026-04-23 N/A
SQL injection vulnerability in blog.asp in ParsBlogger (Pb) allows remote attackers to execute arbitrary SQL commands via the wr parameter.
CVE-2008-4611 1 Php Arsivimiz 1 Php Ziyaretci Defteri 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Arsivimiz Php Ziyaretci Defteri allows remote attackers to execute arbitrary SQL commands via the sayfa parameter.
CVE-2008-0683 1 Wordpress 1 St Newsletter Plugin 2026-04-23 N/A
SQL injection vulnerability in shiftthis-preview.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter.
CVE-2008-6697 2 Michael Fritz, Typo3 2 Worldcup, Typo3 2026-04-23 N/A
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3118 1 Phpmotion 1 Phpmotion 2026-04-23 N/A
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
CVE-2008-4675 1 Phpcounter 1 Phpcounter 2026-04-23 N/A
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-0799 2 Joomla, Mambo 2 Com Quiz, Com Quiz 2026-04-23 N/A
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action.
CVE-2008-3154 1 Webblizzard 1 Content Management System 2026-04-23 N/A
SQL injection vulnerability in index.php in WebBlizzard CMS allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-0562 1 Mamboserver 2 Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action.
CVE-2008-4617 3 Joomla, Mambo-foundation, Pyxicom 3 Joomla, Mambo, Actualite 2026-04-23 N/A
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4625 2 Shiftthis, Wordpress 2 Shifthis Newsletter, Wordpress 2026-04-23 N/A
SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.
CVE-2008-4777 2 Joomla, Mambo 3 Com Lms, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Showroom Joomlearn LMS (com_lms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a showTests task.
CVE-2008-4161 1 Assetman 1 Assetman 2026-04-23 N/A
SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action.
CVE-2008-6783 1 Scripts-for-sites 1 Ez Home Business Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2009-3644 2 Joomla, Soundset 2 Joomla\!, Com Soundset 2026-04-23 N/A
SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php.
CVE-2008-0653 1 Joomla 1 Com Ynews 2026-04-23 N/A
SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a showYNews action.
CVE-2009-0534 1 Flexcms 1 Flexcms 2026-04-23 N/A
SQL injection vulnerability in FlexCMS allows remote attackers to execute arbitrary SQL commands via the catId parameter.
CVE-2006-5957 1 Infinicart 1 Infinicart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in INFINICART allow remote attackers to execute arbitrary SQL commands via the (1) groupid parameter in (a) browse_group.asp, (2) productid parameter in (b) added_to_cart.asp, and (3) catid and (4) subid parameter in (c) browsesubcat.asp. NOTE: the vendor has disputed this report, saying "The vulnerabilities mentioned were never present in our official released products but only in the unofficial demo version. However we do appreciate the information. We have update our demo version and made sure all those vulnerabilities are fixed.