Search Results (37153 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4345 1 Webportal 1 Webportal Cms 2026-04-23 N/A
SQL injection vulnerability in download.php in WebPortal CMS 0.7.4 and earlier allows remote attackers to execute arbitrary SQL commands via the aid parameter.
CVE-2008-4348 1 Outshine 1 Phportfolio 2026-04-23 N/A
SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4350 1 Vblogix 1 Tutorial Script 2026-04-23 N/A
SQL injection vulnerability in main.php in vbLOGIX Tutorial Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-4355 1 Powie 1 Pforum 2026-04-23 N/A
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4356 1 Kasseler-cms 1 Kasseler Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module.
CVE-2008-4364 1 Parsagostar 1 Parsaweb Cms 2026-04-23 N/A
SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.
CVE-2008-4369 1 Availscript 1 Availscript Photo Album 2026-04-23 N/A
SQL injection vulnerability in pics.php in Availscript Photo Album allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2009-2734 1 Achievo 1 Achievo 2026-04-23 N/A
SQL injection vulnerability in the get_employee function in classweekreport.inc in Achievo before 1.4.0 allows remote attackers to execute arbitrary SQL commands via the userid parameter (aka user_id variable) to dispatch.php.
CVE-2008-4459 1 Extrovert Software 1 Thyme 2026-04-23 N/A
SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information.
CVE-2008-4460 1 Vastal I-tech 1 Mmorpg Zone 2026-04-23 N/A
SQL injection vulnerability in game.php in Vastal I-Tech MMORPG Zone allows remote attackers to execute arbitrary SQL commands via the game_id parameter.
CVE-2008-4462 1 Vastal I-tech 1 Visa Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter.
CVE-2008-4487 1 Atarone 1 Atarone 2026-04-23 N/A
SQL injection vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) site_name, (2) email, (3) theme_chosen, (4) hp, (5) c_meta, (6) id, and (7) c_js parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-4492 1 Yourownbux 1 Yourownbux 2026-04-23 N/A
SQL injection vulnerability in referrals.php in YourOwnBux 4.0 allows remote attackers to execute arbitrary SQL commands via the usNick cookie.
CVE-2009-2768 1 Linux 1 Linux Kernel 2026-04-23 7.8 High
The load_flat_shared_library function in fs/binfmt_flat.c in the flat subsystem in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by executing a shared flat binary, which triggers an access of an "uninitialized cred pointer."
CVE-2008-4516 1 Galerie 1 Galerie 2026-04-23 N/A
SQL injection vulnerability in galerie.php in Galerie 3.2 allows remote attackers to execute arbitrary SQL commands via the pic parameter.
CVE-2008-4517 1 Geccbblite 1 Geccbblite 2026-04-23 N/A
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4521 1 Php-fusion 1 World Of Warcraft Tracker Infusion Module 2026-04-23 N/A
SQL injection vulnerability in thisraidprogress.php in the World of Warcraft tracker infusion (raidtracker_panel) module 2.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the INFO_RAID_ID parameter.
CVE-2008-4524 1 Adaptcms 1 Adaptcms 2026-04-23 N/A
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter.
CVE-2008-4527 1 Php-fusion 1 Recepies Module 2026-04-23 N/A
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from third party information.
CVE-2008-4574 1 Aspindir 1 Ayco Okul Portali 2026-04-23 N/A
SQL injection vulnerability in default.asp in Ayco Okul Portali allows remote attackers to execute arbitrary SQL commands via the linkid parameter.