Search Results (19631 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3382 1 Mojoscripts 1 Mojoclassifieds 2026-04-23 N/A
SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
CVE-2007-6159 1 Tilde 1 Tilde Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500.
CVE-2007-6170 2 Debian, Digium 2 Debian Linux, Asterisk 2026-04-23 N/A
SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments.
CVE-2007-6171 1 Digium 1 Asterisk 2026-04-23 N/A
SQL injection vulnerability in the Postgres Realtime Engine (res_config_pgsql) in Asterisk 1.4.x before 1.4.15 and C.x before C.1.0-beta6 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3383 1 Mojoscripts 1 Mojoauto 2026-04-23 N/A
SQL injection vulnerability in mojoAuto.cgi in MojoAuto allows remote attackers to execute arbitrary SQL commands via the cat_a parameter in a browse action.
CVE-2007-6269 1 Xigla 1 Absolute News Manager.net 2026-04-23 N/A
Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the (1) z, (2) pz, (3) ord, and (4) sort parameters.
CVE-2008-3414 1 Siteadmin 1 Cms 2026-04-23 N/A
SQL injection vulnerability in line2.php in SiteAdmin allows remote attackers to execute arbitrary SQL commands via the art parameter.
CVE-2008-6488 1 Softcomplex 1 Php Image Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action.
CVE-2008-3418 1 Willo 1 Trio 2026-04-23 N/A
SQL injection vulnerability in browse.php in TriO 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6275 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter, a different vector than CVE-2007-6266.
CVE-2007-6393 1 Ace Image Hosting Script 1 Ace Image Hosting Script 2026-04-23 N/A
SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated users to execute arbitrary SQL commands via the id parameter in editalbum mode.
CVE-2008-4356 1 Kasseler-cms 1 Kasseler Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module.
CVE-2007-6458 1 My123tkshop 1 E-commerce-suite 2026-04-23 N/A
SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded value of the admin parameter to shop/admin.php.
CVE-2007-6467 1 Mkportal 1 Mkportal 2026-04-23 N/A
SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote attackers to execute arbitrary SQL commands via the ida parameter in a gallery foto_show action.
CVE-2008-4357 1 Powie 1 Plink 2026-04-23 N/A
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6647 1 W-agora 1 W-agora 2026-04-23 N/A
SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2007-6664 1 Webportal 1 Webportal Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.
CVE-2007-6666 1 Zenphoto 1 Zenphoto 2026-04-23 N/A
SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.
CVE-2007-6667 1 Myphp 1 Myphp Forum 2026-04-23 N/A
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
CVE-2007-6671 1 Instantsoftwares 1 Dating Site 2026-04-23 N/A
SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to execute arbitrary SQL commands via the Password parameter, a different product than CVE-2006-6021. NOTE: some of these details are obtained from third party information.