Search Results (37092 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2492 1 Badongo 1 Campus Bulletin Board 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
CVE-2008-5595 1 Aspapps 1 Asp Autodealer 2026-04-23 N/A
SQL injection vulnerability in detail.asp in ASP AutoDealer allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-5222 1 Dvbbs 1 Dvbbs 2026-04-23 N/A
SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-2639 1 Mrcgiguy 1 The Ticket System 2026-04-23 N/A
SQL injection vulnerability in admin.php in MRCGIGUY The Ticket System 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewticket action.
CVE-2008-7075 1 Kalptaru Infotech 1 Stararticles 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote attackers to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) article.publisher.php, or (5) article.download.php; and (6) the PATH_INFO to article.download.php. NOTE: some of these details are obtained from third party information.
CVE-2010-0158 2 Joomla, Joomlabamboo 2 Joomla, Jb Simpla 2026-04-23 N/A
SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to the com_content component, reachable through index.php. NOTE: the vendor disputes this report, saying: "JoomlaBamboo has investigated this report, and it is incorrect. There is no SQL injection vulnerability involving the id parameter in an article view, and there never was. JoomlaBamboo customers have no reason to be concerned about this report.
CVE-2008-1163 1 Phparcadescript 1 Phparcadescript 2026-04-23 N/A
SQL injection vulnerability in index.php in phpArcadeScript 1.0 through 3.0 RC2 allows remote attackers to execute arbitrary SQL commands via the userid parameter in a profile action.
CVE-2009-1721 6 Apple, Canonical, Debian and 3 more 6 Mac Os X, Ubuntu Linux, Debian Linux and 3 more 2026-04-23 N/A
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
CVE-2010-0330 2 Julian Fries, Typo3 2 Jf Easymaps, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6116 2 Extrosoft, Joomla 2 Com Thyme, Joomla 2026-04-23 N/A
SQL injection vulnerability in the EXtrovert Software Thyme (com_thyme) 1.0 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event parameter to index.php.
CVE-2009-0534 1 Flexcms 1 Flexcms 2026-04-23 N/A
SQL injection vulnerability in FlexCMS allows remote attackers to execute arbitrary SQL commands via the catId parameter.
CVE-2009-1657 1 B2evolution 2 B2evolution, Starrating Plugin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Starrating plugin before 0.7.7 for b2evolution allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-2619 1 Datachecknh 1 V-spacepal 2026-04-23 N/A
SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-3682 1 Ypninc 1 Php Realty 2026-04-23 N/A
SQL injection vulnerability in dpage.php in YPN PHP Realty allows remote attackers to execute arbitrary SQL commands via the docID parameter.
CVE-2008-3185 1 Vclcomponents 1 Relative Real Estate Systems 2026-04-23 N/A
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
CVE-2009-1506 1 Intelliants 1 Elitius 2026-04-23 N/A
SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to banner-details.php.
CVE-2009-1245 1 Cccp-common-clan-portal-pasterbin 1 Cccp Pastebin 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the insert_to_pastebin function in php/cccp-admin/inc/functions.php in CCCP Community Clan Portal Pastebin before 2.80 allow remote attackers to execute arbitrary SQL commands via the (1) subject, (2) language, and (3) nickname parameters to php/cccp-pages/submit.php. NOTE: some of these details are obtained from third party information.
CVE-2009-1185 8 Canonical, Debian, Fedoraproject and 5 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2026-04-23 N/A
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
CVE-2008-1406 1 Exv2 1 Exv2 2026-04-23 N/A
SQL injection vulnerability in annonces-p-f.php in the MyAnnonces 1.8 module for eXV2 allows remote attackers to execute arbitrary SQL commands via the lid parameter in an ImprAnn action.
CVE-2008-3132 1 Joomla 1 Com Beamospetition 2026-04-23 N/A
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.