Search Results (37071 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2105 1 Kasper Skrhj 1 References Database 2026-04-23 N/A
SQL injection vulnerability in the References database (t3references) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-5068 1 Phpfullannu 1 Phpfullannu 2026-04-23 N/A
SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute arbitrary SQL commands via the mod parameter.
CVE-2007-5177 2 Mambads, Mambo 2 Mambads, Mambo 2026-04-23 N/A
SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the caid parameter.
CVE-2007-5189 1 X-script 1 Guestbook 2026-04-23 N/A
Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) icq, and (4) website parameters.
CVE-2008-5122 1 Ektron 1 Cms4000.net 2026-04-23 N/A
SQL injection vulnerability in WorkArea/ContentRatingGraph.aspx in Ektron CMS400.NET 7.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the res parameter.
CVE-2008-5212 1 Aj Square 1 Aj Auction 2026-04-23 N/A
SQL injection vulnerability in classifide_ad.php in AJ Auction 6.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the item_id parameter.
CVE-2009-2612 1 Prosmdr 1 Prosmdr 2026-04-23 N/A
SQL injection vulnerability in login.aspx in ProSMDR allows remote attackers to execute arbitrary SQL commands via the txtUser parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5213 1 Aj Square 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote attackers to execute arbitrary SQL commands via the artid parameter in a search detail action.
CVE-2009-4296 2 Brian Miller, Drupal 2 Taxonomy Timer, Drupal 2026-04-23 N/A
SQL injection vulnerability in the Taxonomy Timer module 5.x-1.8 and earlier and 6.x-alpha1 and earlier for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5216 1 Aj Square 1 Zeuscart 2026-04-23 N/A
SQL injection vulnerability in category_list.php in AJ Square ZeusCart 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-5923 1 Asp-dev 1 Xm Events Diary 2026-04-23 N/A
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter.
CVE-2009-2036 1 Geekbill 1 Open Biller 2026-04-23 N/A
SQL injection vulnerability in index.php in Open Biller 0.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2007-5372 2 Dws Systems Inc., Ledgersmb 2 Sql-ledger, Ledgersmb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
CVE-2008-6776 1 Scripts-for-sites 1 Ez Hot Or Not 2026-04-23 N/A
SQL injection vulnerability in viewcomments.php in Scripts For Sites (SFS) EZ Hot or Not allows remote attackers to execute arbitrary SQL commands via the phid parameter.
CVE-2008-6777 1 Myphp 1 Myphp Forum 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the (4) quote parameter in a post action and (5) pid parameter in an edit action to post.php, different vectors than CVE-2005-0413.2 and CVE-2007-6667.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-5192 1 Philboard 1 Philboard 2026-04-23 N/A
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920.
CVE-2008-6802 1 Phpexplorer 1 Phphotogallery 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-5194 1 Softvisions Software 1 Online Booking Manager 2026-04-23 N/A
SQL injection vulnerability in checkavail.php in SoftVisions Software Online Booking Manager (obm) 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5196 1 Php-fusion 2 Php-fusion, The Kroax Module 2026-04-23 N/A
SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the category parameter.