Search Results (37031 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2203 1 Maianscriptworld 1 Maian Search 2026-04-23 N/A
SQL injection vulnerability in search.php in Maian Search 1.1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search action.
CVE-2008-2380 1 Courier-mta 1 Courtier-authlib 2026-04-23 N/A
SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
CVE-2009-2307 1 Maxdev 2 Cwguestbook, Md-pro 2026-04-23 N/A
SQL injection vulnerability in the CWGuestBook module 2.1 and earlier for MAXdev MDPro (aka MD-Pro) allows remote attackers to execute arbitrary SQL commands via the rid parameter in a viewrecords action to modules.php.
CVE-2008-5486 1 Turnkeyforms 1 Text Link Sales 2026-04-23 N/A
SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2339 1 Rentventory 1 Rentventory 2026-04-23 N/A
SQL injection vulnerability in index.php in Rentventory allows remote attackers to execute arbitrary SQL commands via the product parameter.
CVE-2009-2366 1 Datachecknh 2 Forumpal, Forumpal Fe 2026-04-23 N/A
SQL injection vulnerability in login.asp in DataCheck Solutions ForumPal FE 1.1 and ForumPal 1.5 allows remote attackers to execute arbitrary SQL commands via the (1) password parameter in 1.1 and (2) p_password parameter in 1.5. NOTE: some of these details are obtained from third party information.
CVE-2009-2394 2 Mr Saphp Arabic Mobile, Smspages 2 Messages Library, Smspages 2026-04-23 N/A
SQL injection vulnerability in cat.php in SMSPages 1.0 in Mr.Saphp Arabic Script Mobile (aka Messages Library) 2.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter.
CVE-2009-2395 2 Joomla, Joomlaworks 2 Joomla\!, Com K2 2026-04-23 N/A
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.
CVE-2009-1034 1 Drupal 1 Tasklist 2026-04-23 N/A
SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.
CVE-2009-2402 1 Phpecho Cms 1 Phpecho Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in the forum module in PHPEcho CMS 2.0-rc3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a thread action, a different vector than CVE-2008-0355.
CVE-2009-3595 1 Vspanel 1 Vs Panel 2026-04-23 N/A
SQL injection vulnerability in results.php in VS PANEL 7.5.5 allows remote attackers to execute arbitrary SQL commands via the Cat_ID parameter, a different vector than CVE-2009-3590.
CVE-2008-2791 1 Kalptaru Infotech 1 Comparison Engine Power Script 2026-04-23 N/A
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-2614 1 Datachecknh 1 Linkpal 2026-04-23 N/A
SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0487 1 The Net Guys 1 Aspired2protect 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2009-2616 1 Datachecknh 1 Sitepal 2026-04-23 N/A
SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5959 1 Active Web Softwares 1 Active Test 2026-04-23 N/A
Multiple SQL injection vulnerabilities in start.asp in Active Test 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) useremail parameter (aka username field) or (2) password parameter (aka password field). NOTE: some of these details are obtained from third party information.
CVE-2009-3203 1 Ajsquare 1 Aj Auction Pro-oopd 2026-04-23 N/A
SQL injection vulnerability in store.php in AJ Auction Pro OOPD 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5221 1 Cahier De Textes 1 Cahier De Textes 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php.
CVE-2009-0287 1 Keep Toolkit 1 Keep Toolkit 2026-04-23 N/A
SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password.
CVE-2008-4156 1 Customcms 1 Gaming Portal 2026-04-23 N/A
SQL injection vulnerability in print.php in CustomCms (CCMS) Gaming Portal 4.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.