Search Results (19646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-2013 1 Frontisgroup 1 Frontis 2026-04-23 N/A
SQL injection vulnerability in bin/aps_browse_sources.php in Frontis 3.9.01.24 allows remote attackers to execute arbitrary SQL commands via the source_class parameter in a browse_classes action.
CVE-2008-3027 1 Vangogh Web Cms 1 Vangogh Web Cms 2026-04-23 N/A
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote attackers to execute arbitrary SQL commands via the article_ID parameter to index.php.
CVE-2008-3669 1 Zeescripts 1 Zeereviews 2026-04-23 N/A
SQL injection vulnerability in comments.php in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
CVE-2008-5775 1 Apertoblog 1 Apertoblog 2026-04-23 N/A
SQL injection vulnerability in categories.php in Aperto Blog 0.1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6040 1 Agares Media 1 Arcadem Pro 2026-04-23 N/A
SQL injection vulnerability in index.php in Arcadem Pro 2.700 through 2.802 allows remote attackers to execute arbitrary SQL commands via the articlecat parameter, probably related to includes/articleblock.php.
CVE-2008-0810 2 Joomla, Mambo 2 Com Scheduling Component, Com Scheduling Component 2026-04-23 N/A
SQL injection vulnerability in the com_scheduling module for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-5767 1 Gazatem 1 Gnews Publisher 2026-04-23 N/A
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
CVE-2007-6169 1 Gouae 1 Dwd Realty 2026-04-23 N/A
SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execute arbitrary SQL commands via the uname parameter, a different vector than CVE-2007-6163. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6075 1 Rasihbahar 1 Bahar Download Script 2026-04-23 N/A
SQL injection vulnerability in aspkat.asp in Bahar Download Script 2.0 allows remote attackers to execute arbitrary SQL commands via the kid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6391 1 Nexusjnr 1 Jbook 2026-04-23 N/A
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the username (user parameter).
CVE-2008-4885 1 Yourfreeworld 1 Scrolling Text Ads Script 2026-04-23 N/A
SQL injection vulnerability in tr1.php in YourFreeWorld Scrolling Text Ads Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-4887 1 Netrisk 1 Netrisk 2026-04-23 N/A
SQL injection vulnerability in index.php in NetRisk 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third party information.
CVE-2008-6364 1 Adserversolutions 1 Banner Exchange Software 2026-04-23 N/A
SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information.
CVE-2008-6358 1 Socialgroupie 1 Social Groupie 2026-04-23 N/A
SQL injection vulnerability in group_index.php in Social Groupie allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-3406 1 Phplinkat 1 Phplinkat 2026-04-23 N/A
SQL injection vulnerability in showcat.php in phpLinkat 0.1 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2008-6477 1 Mumbojumbo 1 Op4 2026-04-23 N/A
SQL injection vulnerability in Mumbo Jumbo Media OP4 allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
CVE-2008-0652 2 Joomla, Mambo 2 Com Downloads, Com Downloads 2026-04-23 N/A
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
CVE-2008-3513 1 Php Nuke 1 Basis Consultant Book Catalog 2026-04-23 N/A
SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to modules.php.
CVE-2009-1066 1 Getpixie 1 Pixie Cms 2026-04-23 N/A
SQL injection vulnerability in the referral function in admin/lib/lib_logs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request.
CVE-2009-2209 1 Rs-cms 1 Rs-cms 2026-04-23 N/A
SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter.