Search Results (37123 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5122 1 Softbizscripts 1 Classifieds Plus Script 2026-04-23 N/A
SQL injection vulnerability in store_info.php in SoftBiz Classifieds PLUS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-1277 1 Gravityboardx 1 Gravity Board X 2026-04-23 N/A
SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. NOTE: the board_id issue is already covered by CVE-2008-2996.2.
CVE-2007-5371 1 Modxcms 1 Modxcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.
CVE-2008-2498 1 Mambo-foundation 1 Mambo 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information.
CVE-2009-0768 1 Yapbb 1 Yapbb 2026-04-23 N/A
SQL injection vulnerability in forumhop.php in YapBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the forumID parameter in a next action.
CVE-2009-0741 1 Craftsilicon 1 Banking\@home 2026-04-23 N/A
SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter.
CVE-2009-0574 1 Cafeengine 1 Easycafeengine 2026-04-23 N/A
SQL injection vulnerability in index.php in Easy CafeEngine allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-4604.
CVE-2008-3506 1 Polypager 1 Polypager 2026-04-23 N/A
SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI.
CVE-2008-3495 1 Aspindir 1 Pcshey Portal 2026-04-23 N/A
SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter.
CVE-2009-3310 1 Shalwan 1 Zainu 2026-04-23 N/A
SQL injection vulnerability in index.php in Zainu 1.0 allows remote attackers to execute arbitrary SQL commands via the album_id parameter in an AlbumSongs action.
CVE-2009-3309 1 Cfshopkart 1 Cf Shopkart 2026-04-23 N/A
SQL injection vulnerability in index.cfm in CF ShopKart 5.4 beta allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a ViewDetails action, a different vector than CVE-2008-6320.
CVE-2008-4617 3 Joomla, Mambo-foundation, Pyxicom 3 Joomla, Mambo, Actualite 2026-04-23 N/A
SQL injection vulnerability in the actualite module 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-0431 1 Codefixer 1 Linkspro 2026-04-23 N/A
SQL injection vulnerability in Default.asp in LinksPro Standard Edition allows remote attackers to execute arbitrary SQL commands via the OrderDirection parameter.
CVE-2009-0427 1 Dmxready 1 Member Directory Manager 2026-04-23 N/A
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2009-0426 1 Dmxready 1 Classified Listings Manager 2026-04-23 N/A
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2008-1039 1 Porar 1 Webboard 2026-04-23 N/A
SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter.
CVE-2009-0420 2 Joomla, Rd-media 2 Joomla, Rd-autos 2026-04-23 N/A
SQL injection vulnerability in the RD-Autos (com_rdautos) 1.5.5 Stable component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2009-0409 1 Mzbservices 1 Max.blog 2026-04-23 N/A
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2009-0405 1 Smartsitecms 1 Smartsitecms 2026-04-23 N/A
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the var parameter.
CVE-2009-0403 1 Chipmunk Scripts 1 Chipmunk Blogger 2026-04-23 N/A
SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.