Export limit exceeded: 349334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349334 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18937 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3064 | 1 Coppermine | 1 Coppermine Photo Gallery | 2025-04-03 | N/A |
| SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) referer and (2) user-agent HTTP headers. | ||||
| CVE-2006-3048 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2025-04-03 | N/A |
| SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-2977 | 1 Mafia Moblog | 1 Mafia Moblog | 2025-04-03 | N/A |
| SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter. | ||||
| CVE-2006-2973 | 1 Php Lite | 1 Calendar Express | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter. NOTE: this might be a duplicate of CVE-2005-4009.c. | ||||
| CVE-2006-2416 | 1 E107 | 1 E107 | 2025-04-03 | N/A |
| SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name']. | ||||
| CVE-2006-2363 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2006-2301 | 1 Ozzywork | 1 Galeri | 2025-04-03 | N/A |
| SQL injection vulnerability in admin_default.asp in OzzyWork Galeri allows remote attackers to execute arbitrary SQL commands via the (1) Login or (2) password fields. | ||||
| CVE-2006-1978 | 1 Flexbb | 1 Flexbb | 2025-04-03 | N/A |
| SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter. | ||||
| CVE-2006-1962 | 1 Pcpin | 1 Pcpin Chat | 2025-04-03 | N/A |
| SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (login parameter) to main.php. | ||||
| CVE-2002-2305 | 1 Phpsecure.org | 1 Immobilier | 2025-04-03 | N/A |
| SQL injection vulnerability in agentadmin.php in Immobilier allows remote attackers to execute arbitrary SQL commands via the (1) agentname or (2) agentpassword parameter. | ||||
| CVE-2002-2304 | 1 Myphpsoft | 1 Myphplinks | 2025-04-03 | N/A |
| SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter. | ||||
| CVE-2002-2277 | 1 Portail Web Php | 1 Portail Web Php | 2025-04-03 | N/A |
| SQL injection vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to execute arbitrary SQL commands via the (1) $rech, (2) $BD_Tab_docs, (3) $BD_Tab_file, (4) $BD_Tab_liens, (5) $BD_Tab_faq, or (6) $chemin variables. | ||||
| CVE-2002-0999 | 1 Care 2002 | 1 Care 2002 | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in CARE 2002 before beta 1.0.02 allow remote attackers to perform unauthorized database operations. | ||||
| CVE-2004-2695 | 2 Jelsoft, Point-to-point Protocol Project | 2 Vbulletin, Point-to-point Protocol | 2025-04-03 | N/A |
| SQL injection vulnerability in the Authorize.net callback code (subscriptions/authorize.php) in Jelsoft vBulletin 3.0 through 3.0.3 allows remote attackers to execute arbitrary SQL statements via the x_invoice_num parameter. NOTE: this issue might be related to CVE-2006-4267. | ||||
| CVE-2004-1553 | 1 Fullrevolution | 1 Aspwebalbum | 2025-04-03 | N/A |
| SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | ||||
| CVE-2004-0366 | 1 Pam-pgsql | 1 Pam-pgsql | 2025-04-03 | N/A |
| SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements. | ||||
| CVE-2003-1533 | 1 Phppass | 1 Phppass | 2025-04-03 | N/A |
| SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | ||||
| CVE-2003-1532 | 1 Julien Desaunay | 1 Phpmyshop | 2025-04-03 | N/A |
| SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbitrary SQL commands via the (1) identifiant and (2) password parameters. | ||||
| CVE-2003-1530 | 1 Phpbb | 1 Phpbb | 2025-04-03 | N/A |
| SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. | ||||
| CVE-2003-1523 | 1 Dbmail | 1 Dbmail | 2025-04-03 | N/A |
| SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors. | ||||