Search Results (37074 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6349 1 Turnkeyforms 1 Business Survey Pro 2026-04-23 N/A
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5131 1 Develop It Easy 1 News And Article System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
CVE-2008-5132 1 Memht 1 Memht Portal 2026-04-23 N/A
SQL injection vulnerability in inc/ajax/ajax_rating.php in MemHT Portal 4.0.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
CVE-2008-4620 1 Mrbs 1 Mrbs 2026-04-23 N/A
SQL injection vulnerability in Meeting Room Booking System (MRBS) before 1.4 allows remote attackers to execute arbitrary SQL commands via the area parameter to (1) month.php, and possibly (2) day.php and (3) week.php.
CVE-2009-2978 1 Sugarcrm 1 Sugarcrm 2026-04-23 N/A
SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6358 1 Socialgroupie 1 Social Groupie 2026-04-23 N/A
SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5169 1 Easysitenetwork 1 Drinks Complete Website 2026-04-23 N/A
SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter.
CVE-2008-4577 5 Canonical, Dovecot, Fedoraproject and 2 more 5 Ubuntu Linux, Dovecot, Fedora and 2 more 2026-04-23 7.5 High
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
CVE-2008-3416 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2008-3414 1 Siteadmin 1 Cms 2026-04-23 N/A
SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter.
CVE-2008-0879 1 Phpnuke 1 Web Links Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the Web_Links module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cid parameter in a viewlink action.
CVE-2008-5609 1 Typo3 2 Commerce Extension, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-1535 1 Matti Kiviharju 1 Rekry Component 2026-04-23 N/A
SQL injection vulnerability in the Matti Kiviharju rekry (aka com_rekry or rekry!Joom) 1.0.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the op_id parameter in a view action to index.php.
CVE-2008-1539 1 Futurenuke 1 Php Nuke Platinum 2026-04-23 N/A
SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module.
CVE-2008-5629 1 Turnkeyarcade 1 Turnkey Arcade Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a play action.
CVE-2008-5641 1 Activewebsoftwares 1 Active Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.
CVE-2008-5643 2 Joomla, Mambo 3 Com Books, Joomla, Mambo 2026-04-23 N/A
SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php.
CVE-2008-1162 1 Php Web Scripts 1 Dynamic Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter.
CVE-2008-5655 1 Myiosoft 1 Easybookmarker 2026-04-23 N/A
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) ajaxp.php, different vectors than CVE-2008-5654. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6101 1 Ezonescripts 1 Adult Banner Exchange Website 2026-04-23 N/A
SQL injection vulnerability in click.php in Adult Banner Exchange Website allows remote attackers to execute arbitrary SQL commands via the targetid parameter.