Search Results (37049 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3206 1 Iamilkay 1 Yuhhu Pubs Black Cat 2026-04-23 N/A
SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2008-6064 1 Domphp 1 Domphp 2026-04-23 N/A
Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote attackers to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors.
CVE-2007-5261 1 Iscripts 1 Multicart 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
CVE-2008-3204 1 E-topbiz 1 Million Pixels 2026-04-23 N/A
SQL injection vulnerability in tops_top.php in E-topbiz Million Pixels 3 allows remote attackers to execute arbitrary SQL commands via the id_cat parameter.
CVE-2009-2423 1 Ebayclonescript 1 Ebay Clone 2026-04-23 N/A
SQL injection vulnerability in category.php in Ebay Clone 2009 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter in a list action.
CVE-2008-0601 1 All Club Cms 1 All Club Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter.
CVE-2008-3122 1 Xerox 1 Centreware Web 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
CVE-2008-3118 1 Phpmotion 1 Phpmotion 2026-04-23 N/A
SQL injection vulnerability in play.php in PHPmotion 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the vid parameter.
CVE-2007-0875 1 Mcrefer 1 Mcrefer 2026-04-23 N/A
SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this issue has been disputed by a third party, stating that the file does not use a SQL database
CVE-2007-0882 2 Oracle, Sun 2 Solaris, Sunos 2026-04-23 N/A
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
CVE-2008-3056 1 Typo3 1 Codeon Petition Extension 2026-04-23 N/A
SQL injection vulnerability in the Codeon Petition (cd_petition) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3055 1 Typo3 1 Support View Extension 2026-04-23 N/A
SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3039 1 Typo3 1 Dam Frontend Extension 2026-04-23 N/A
SQL injection vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-0649 1 Adp 1 Astanda Directory Project 2026-04-23 N/A
SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
CVE-2009-4436 1 Activewebsoftwares 1 Ewebquiz 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.
CVE-2007-4258 1 Prozilla 1 Prozilla Pub Site Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Prozilla Pub Site Directory allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2007-1166 1 Nabocorp 1 Nabopoll 2026-04-23 N/A
SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter.
CVE-2007-1171 1 Nukescripts 1 Nukesentinel 2026-04-23 N/A
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie.
CVE-2008-2874 1 Softbizscripts 1 Softbiz Jokes And Funny Pics Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Softbiz Jokes & Funny Pics Script allows remote attackers to execute arbitrary SQL commands via the sbjoke_id parameter, a different vector than CVE-2008-1050.
CVE-2008-2866 1 Caupo.net 1 Cauposhop Classic 2026-04-23 N/A
SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter.