Export limit exceeded: 347777 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18872 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18872 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0278 | 1 X7 Group | 1 X7 Chat | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in X7 Chat 2.0.5 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the day parameter in a sm_window action. | ||||
| CVE-2008-0279 | 1 Xforum | 1 Xforum | 2026-04-23 | N/A |
| SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | ||||
| CVE-2008-0695 | 1 Bookmarkx | 1 Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in BookmarkX script 2007 allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a showtopic action. | ||||
| CVE-2008-0692 | 1 Itechscripts | 1 Itechbids | 2026-04-23 | N/A |
| SQL injection vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2008-0649 | 1 Adp | 1 Astanda Directory Project | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | ||||
| CVE-2008-0280 | 1 Mtcms | 1 Mtcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MTCMS 2.0 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via the (1) a or (2) cid parameter. | ||||
| CVE-2008-0281 | 1 Id-commerce | 1 Id-commerce | 2026-04-23 | N/A |
| SQL injection vulnerability in liste.php in ID-Commerce 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the idFamille parameter. | ||||
| CVE-2008-0282 | 1 Domphp | 1 Domphp | 2026-04-23 | N/A |
| SQL injection vulnerability in welcome/inscription.php in DomPHP 0.81 and earlier allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2008-0286 | 1 Article Dashboard | 1 Article Dashboard | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields. | ||||
| CVE-2008-0326 | 1 Fascript | 1 Fapersianhack | 2026-04-23 | N/A |
| SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to show.php. | ||||
| CVE-2008-0328 | 1 Fascript | 1 Faname | 2026-04-23 | N/A |
| SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-0794 | 1 Globalmegacorp | 1 Dvddb | 2026-04-23 | N/A |
| SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary SQL commands via the user parameter. NOTE: this issue has been disputed by a reliable third party, who states that inc/common.php only contains function definitions | ||||
| CVE-2008-0325 | 1 Fascript | 1 Fapersian Petition | 2026-04-23 | N/A |
| SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-0863 | 1 Matteoiammarrone | 1 S-cms | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0353 | 1 Php-residence | 1 Php-residence | 2026-04-23 | N/A |
| SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote attackers to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-0695 | 1 Free Lan Intra Internet Portal | 1 Free Lan Intra Internet Portal | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some sources mention the escape_sqlData, implode_sql, and implode_sqlIn functions, but these are protection schemes, not the vulnerable functions. | ||||
| CVE-2008-0355 | 1 Phpecho Cms | 1 Phpecho Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the forum module in PHPEcho CMS, probably 2.0-rc3 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a section action, a different vector than CVE-2007-2866. | ||||
| CVE-2008-0358 | 1 Pixelpost | 1 Pixelpost | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter. | ||||
| CVE-2009-0825 | 1 Torben Sorensen | 1 Tinx\/cms | 2026-04-23 | N/A |
| SQL injection vulnerability in system/rss.php in TinX/cms 3.x before 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0428 | 1 Bloofoxcms | 1 Bloofoxcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the login function in system/class_permissions.php in bloofoxCMS 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to admin/index.php. | ||||