Search Results (37062 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6353 1 Asp-cms 1 Asp-cms 2026-04-23 N/A
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the cha parameter.
CVE-2008-2124 1 Fipsasp 1 Fipscms 2026-04-23 N/A
SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote attackers to execute arbitrary SQL commands via the lg parameter.
CVE-2008-6352 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in home.html in Xpoze Pro 4.10 allows remote attackers to execute arbitrary SQL commands via the menu parameter.
CVE-2008-0499 1 Mamboxchange 1 Laithai 2026-04-23 N/A
SQL injection vulnerability in Mambo LaiThai 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4655 1 Typo3 2 Simplesurvey, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4660 1 Typo3 2 M1 Intern, Typo3 2026-04-23 N/A
SQL injection vulnerability in the M1 Intern (m1_intern) 1.0.0 extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4665 1 Datingpro 1 Matchmaking 2026-04-23 N/A
SQL injection vulnerability in PG Matchmaking allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) news_read.php and (2) gifts_show.php.
CVE-2008-4666 1 Deeserver 1 Ultimate Webboard 2026-04-23 N/A
SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.
CVE-2007-5679 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
CVE-2008-0520 1 Wordpress 1 Wassup Plugin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in main.php in the WassUp plugin 1.4 through 1.4.3 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) from_date or (2) to_date parameter to spy.php.
CVE-2007-5766 1 Oracle 1 E-business Suite 2026-04-23 N/A
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure.
CVE-2008-0543 1 Pre Projects 1 Pre Dynamic Institution 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information.
CVE-2006-5242 1 Etomite 1 Etomite 2026-04-23 N/A
SQL injection vulnerability in Etomite Content Management System (CMS) before 0.6.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4709 1 Pilot Group 1 Etraining 2026-04-23 N/A
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0110 1 Riotpix 1 Riotpix 2026-04-23 N/A
SQL injection vulnerability in read.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter.
CVE-2009-0111 1 Goople Cms 1 Goople Cms 2026-04-23 N/A
SQL injection vulnerability in frontpage.php in Goople CMS 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2008-6329 1 Preproject 1 Pre Asp Job Board 2026-04-23 N/A
SQL injection vulnerability in Employee/login.asp in Pre ASP Job Board allows remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters, as reachable from Employee/emp_login.asp. NOTE: some of these details are obtained from third party information.
CVE-2008-6327 1 Manzovi 1 Proquiz 2026-04-23 N/A
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote attackers to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
CVE-2008-4887 1 Netrisk 1 Netrisk 2026-04-23 N/A
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
CVE-2008-6326 1 Simplecustomer 1 Simple Customer 2026-04-23 N/A
SQL injection vulnerability in login.php in Simple Customer as downloaded on 20081118 allows remote attackers to execute arbitrary SQL commands via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.