Search Results (37032 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-0338 1 Typo3 2 Ttpedit, Typo3 2026-04-23 N/A
SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0339 1 Typo3 2 Typo3, Vm19 Userlinks 2026-04-23 N/A
SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0829 3 Joomla, Joomlapixel, Mambo 3 Joomla, Jooget, Mambo 2026-04-23 N/A
SQL injection vulnerability in jooget.php in the Joomlapixel Jooget! (com_jooget) 2.6.8 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail task.
CVE-2010-0343 1 Typo3 2 Pb Clanlist, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2897 1 Pagesquid 1 Pagesquid Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2008-6102 1 Ezonescripts 1 Link Trader Script 2026-04-23 N/A
SQL injection vulnerability in ratelink.php in Link Trader Script allows remote attackers to execute arbitrary SQL commands via the lnkid parameter.
CVE-2008-6689 2 Kevin Renskers, Typo3 2 Dmmjobcontrol, Typo3 2026-04-23 N/A
SQL injection vulnerability in JobControl (dmmjobcontrol) 1.15.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3387 1 Phpfootball 1 Phpfootball 2026-04-23 N/A
SQL injection vulnerability in show.php in PHPFootball 1.6 allows remote attackers to execute arbitrary SQL commands via the dbtable parameter.
CVE-2008-3070 1 Mybb 1 Mybb 2026-04-23 N/A
Unspecified vulnerability in inc/datahandler/user.php in MyBB before 1.2.13 has unknown impact and attack vectors related to the $user['language'] variable, probably related to SQL injection.
CVE-2008-6263 1 Infireal 1 Saturncms 2026-04-23 N/A
SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information.
CVE-2008-1788 1 Prozilla 1 Entertainers 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Entertainers 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-0832 2 Joomla, Mambo 2 Kemas Antonius Com Quran, Kemas Antonius Com Quran 2026-04-23 N/A
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the surano parameter in a viewayat action.
CVE-2008-7120 1 Mrcgiguy 1 Hot Links Sql-php 2026-04-23 N/A
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter.
CVE-2008-6093 1 Noname-cms 1 Noname Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Noname CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the (1) file_id parameter in a detailansicht action and the (2) kategorie parameter in a kategorien action.
CVE-2008-6086 1 Camera Life 1 Camera Life 2026-04-23 N/A
SQL injection vulnerability in album.php in Camera Life 2.6.2b4 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-3355.
CVE-2007-4056 1 Adult Directory 1 Adult Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Adult Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action. NOTE: the original report indicated that this was the "photo" SourceForge project (aka Maan Bsat Photo Collection), but that was incorrect.
CVE-2007-1962 1 Xoops 2 Wf-snippets, Xoops 2026-04-23 N/A
SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action.
CVE-2008-0841 2 Joomla, Mambo 2 Com Ricette Component, Com Ricette Component 2026-04-23 N/A
SQL injection vulnerability in index.php in the Giorgio Nordo Ricette (com_ricette) 1.0 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0845 1 Wordpress 1 Dean Logan Wp-people Plugin 2026-04-23 N/A
SQL injection vulnerability in wp-people-popup.php in Dean Logan WP-People plugin 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the person parameter.
CVE-2008-6640 1 Aspindir 1 Batmanportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.