Search Results (19643 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-3416 1 Icebb 1 Icebb 2026-04-23 N/A
SQL injection vulnerability in modules/members.php in IceBB before 1.0-rc9.3 allows remote attackers to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in includes/functions.php.
CVE-2008-3413 1 Greatclone 1 Auction Platinum 2026-04-23 N/A
SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.
CVE-2008-3412 1 Ecshop 1 Epshop 2026-04-23 N/A
SQL injection vulnerability in Comsenz EPShop (aka ECShop) before 3.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a (1) pro_show or (2) disppro action to the default URI.
CVE-2008-3403 1 Mojoscripts 1 Mojopersonals 2026-04-23 N/A
SQL injection vulnerability in mojoClassified.cgi in MojoPersonals allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-3267 1 Mojoscripts 1 Mojojobs 2026-04-23 N/A
SQL injection vulnerability in mojoJobs.cgi in MojoJobs allows remote attackers to execute arbitrary SQL commands via the cat_a parameter.
CVE-2008-3266 1 Softacid 1 Hotel Reservation System Multi 2026-04-23 N/A
SQL injection vulnerability in picture_pic_bv.asp in SoftAcid Hotel Reservation System (HRS) Multi allows remote attackers to execute arbitrary SQL commands via the key parameter.
CVE-2008-3132 1 Joomla 1 Com Beamospetition 2026-04-23 N/A
SQL injection vulnerability in the beamospetition (com_beamospetition) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the pet parameter to index.php.
CVE-2008-3131 1 Powie 1 Psys 2026-04-23 N/A
SQL injection vulnerability in chatbox.php in pSys 0.7.0 Alpha, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the showid parameter.
CVE-2008-3122 1 Xerox 1 Centreware Web 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Xerox CentreWare Web (CWW) before 4.6.46 allow remote authenticated users to execute arbitrary SQL commands via the unspecified vectors.
CVE-2008-3119 1 Dreamlevels 1 Dream Pics Builder 2026-04-23 N/A
SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2007-5679 1 Deeemm 1 Dmcms 2026-04-23 N/A
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
CVE-2008-3092 1 Drupal 1 Taxonomy Autotagger Module 2026-04-23 N/A
SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-3090 1 Blognplus 1 Blognplus 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
CVE-2008-3089 1 Xpoze 1 Xpoze Pro 2026-04-23 N/A
SQL injection vulnerability in user.html in Xpoze Pro 3.06 (aka Xpoze Pro CMS 2008) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2008-3083 2 Brightcode, Joomla 2 Brightcode Weblinks Module, Com Brightweblinks 2026-04-23 N/A
SQL injection vulnerability in Brightcode Weblinks (com_brightweblinks) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-7226 2 Php-nuke, Phpnuke 2 Recipe Module, Php-nuke 2026-04-23 N/A
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other versions for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the recipeid parameter.
CVE-2007-6240 1 Snitz Communications 1 Snitz Forums 2000 2026-04-23 N/A
SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the BuildTime parameter.
CVE-2009-2152 1 Isabela Gasparini 1 Adaptweb 2026-04-23 N/A
SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote attackers to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action.
CVE-2008-2862 1 Elinestudio 1 Site Composer 2026-04-23 N/A
Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.
CVE-2008-2762 1 Xigla 1 Absolute Form Processor Xe 2026-04-23 N/A
SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter.