Search Results (37077 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2885 1 Phpscriptsnow 1 World\'s Tallest Buildings 2026-04-23 N/A
SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter.
CVE-2007-4604 1 Dinkumsoft.com 1 Dl Paycart 2026-04-23 N/A
SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2007-4603 1 Altercoder 1 Acg News 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in ACG News 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the aid parameter in a showarticle action or (2) the catid parameter in a showcat action.
CVE-2008-5054 1 Develop It Easy 1 Membership System 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Develop It Easy Membership System 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameters to customer_login.php and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
CVE-2008-5046 1 Mole Group 1 Pizza Script 2026-04-23 N/A
SQL injection vulnerability in index.php in Mole Group Pizza Script allows remote attackers to execute arbitrary SQL commands via the manufacturers_id parameter.
CVE-2007-4581 1 Wbb2-addon 1 Acrotxt 2026-04-23 N/A
SQL injection vulnerability in acrotxt.php in WBB2-Addon: Acrotxt 1 allows remote attackers to execute arbitrary SQL commands via the show parameter.
CVE-2008-6692 2 Fr.simon Rundell, Typo3 2 Pd Trainingcourses, Typo3 2026-04-23 N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2006-5738 1 Punbb 1 Punbb 2026-04-23 7.2 High
Multiple SQL injection vulnerabilities in PunBB before 1.2.14 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-5003 1 Shahrood 1 Shahrood 2026-04-23 N/A
SQL injection vulnerability in ndetail.php in Shahrood allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-4095 1 Bsm Store 1 Dependent Forums 2026-04-23 N/A
SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote attackers to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp.
CVE-2008-6640 1 Aspindir 1 Batmanportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1733 2 Joomla, Pragmaticutopia 2 Joomla, Com Puarcade 2026-04-23 N/A
SQL injection vulnerability in puarcade.class.php 2.2 and earlier in the Pragmatic Utopia PU Arcade (com_puarcade) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the gid parameter to index.php.
CVE-2008-4659 1 Typo3 2 Mannschaftsliste, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Mannschaftsliste (kiddog_playerlist) 1.0.3 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4657 1 Typo3 2 Econda Plugin, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Econda Plugin (econda) 0.0.2 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4653 1 Xoops 2 Makale, Xoops 2026-04-23 N/A
SQL injection vulnerability in makale.php in Makale 0.26 and possibly other versions, a module for XOOPS, allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4625 2 Shiftthis, Wordpress 2 Shifthis Newsletter, Wordpress 2026-04-23 N/A
SQL injection vulnerability in stnl_iframe.php in the ShiftThis Newsletter (st_newsletter) plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the newsletter parameter, a different vector than CVE-2008-0683.
CVE-2007-5430 1 Scottmanktelow 1 Stride Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the p parameter to main.php in the Content Management System, (2) the id parameter in a sto cmd action to shop.php in the Merchant subsystem, or the (3) course or (4) provider parameter to detail.php in the Courses subsystem.
CVE-2008-4613 1 Portalapp 1 Portalapp 2026-04-23 N/A
SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
CVE-2008-4603 1 Igaming 1 Cms 2026-04-23 N/A
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action.
CVE-2008-4570 1 Real-estate-scripts 1 Real-estate-scripts 2026-04-23 N/A
SQL injection vulnerability in index.php in Real Estate Classifieds allows remote attackers to execute arbitrary SQL commands via the cat parameter.