Search Results (36998 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0695 1 Bookmarkx 1 Script 2026-04-23 N/A
SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action.
CVE-2008-4055 1 Texmedia 1 Million Pixel Script 2026-04-23 N/A
SQL injection vulnerability in tops_top.php in Million Pixel Ad Script (Million Pixel Script) allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
CVE-2008-3888 1 Aspindir 1 Mini Nuke Freehost 2026-04-23 N/A
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action.
CVE-2007-5688 3 Invision Power Services, Phpbb, Sebflipper 3 Invision Power Board, Phpbb, Multi-forums Module 2026-04-23 N/A
Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pro) module 1.3.3, for phpBB and Invision Power Board (IPB or IP.Board), allow remote attackers to execute arbitrary SQL commands via the (1) go and (2) cat parameters.
CVE-2008-0738 1 Shoppingtree 1 Candypress Store 2026-04-23 N/A
Multiple SQL injection vulnerabilities in CandyPress (CP) 4.1.1.26, and earlier 4.1.x versions, allow remote attackers to execute arbitrary SQL commands via the (1) idcust parameter to (a) ajax_getTiers.asp and (b) ajax_getCust.asp in ajax/, and the (2) tableName parameter to (c) ajax/ajax_tableFields.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0789 1 Mambo 1 Mambo 2026-04-23 N/A
SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter.
CVE-2007-3677 1 Maxsi 1 Evisit Analyst 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Maxsi eVisit Analyst allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) idsp1.pl, (2) ip.pl, and (3) einsite_director.pl. NOTE: this issue can be leveraged for path disclosure from resulting error messages.
CVE-2008-0761 1 Joomla 1 Com Pcchess 2026-04-23 N/A
SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action.
CVE-2008-0772 2 Joomla, Mambo 2 Com Doc, Com Doc 2026-04-23 N/A
SQL injection vulnerability in index.php in the com_doc component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the sid parameter in a view task.
CVE-2008-0787 1 Mybulletinboard 1 Mybulletinboard 2026-04-23 N/A
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php.
CVE-2008-0789 1 Li-scripts 1 Li-countdown 2026-04-23 N/A
SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to execute arbitrary SQL commands via the years parameter.
CVE-2008-3722 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in forum/neu.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the kat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3720 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.
CVE-2008-3713 1 Phpbasket 1 Phpbasket 2026-04-23 N/A
SQL injection vulnerability in product.php in PHPBasket allows remote attackers to execute arbitrary SQL commands via the pro_id parameter.
CVE-2007-5912 1 Jportal 1 Jportal Web Portal 2026-04-23 N/A
SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
CVE-2008-3309 1 Digiappz 1 Digileave 2026-04-23 N/A
SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter.
CVE-2007-1960 1 Xoops 1 Rha7 Downloads Module 2026-04-23 N/A
SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote attackers to execute arbitrary SQL commands via the lid parameter.
CVE-2008-0796 1 Nuboard 1 Nuboard 2026-04-23 N/A
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter.
CVE-2008-0839 2 Astats, Joomla 2 Astatspro, Com Astatspro 2026-04-23 N/A
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0847 1 Xoops 1 Mytopics 2026-04-23 N/A
SQL injection vulnerability in print.php in the myTopics module for XOOPS allows remote attackers to execute arbitrary SQL commands via the articleid parameter.