Search Results (19670 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-1640 1 Jgs-xa 1 Jgs Treffen 2026-04-23 N/A
SQL injection vulnerability in jgs_treffen.php in the JGS-XA JGS-Treffen 2.0.2 and earlier addon for Woltlab Burning Board (wBB) allows remote attackers to execute arbitrary SQL commands via the view_id parameter in an ansicht action.
CVE-2008-5957 2 Joomla, Mydyngallery 2 Joomla, Mydyngallery 2026-04-23 N/A
SQL injection vulnerability in the Mydyngallery (com_mydyngallery) component 1.4.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the directory parameter to index.php.
CVE-2008-6789 1 Minddezign 1 Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.
CVE-2008-6781 1 Scripts-for-sites 1 Ez Gaming Directory 2026-04-23 N/A
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-6778 1 Scripts-for-sites 1 Ez Auction 2026-04-23 N/A
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2008-6632 1 Mercuryboard 1 Mercuryboard 2026-04-23 N/A
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
CVE-2008-6633 1 Beaussier 1 Roomphplanning 2026-04-23 N/A
SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php.
CVE-2008-6640 1 Aspindir 1 Batmanportal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1871 1 Scriptsagent 1 Links Directory 2026-04-23 N/A
SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action.
CVE-2008-1875 1 Terong 1 Advanced Web Photo Gallery 2026-04-23 N/A
SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.
CVE-2008-6647 1 Ktools 1 Photostore 2026-04-23 N/A
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
CVE-2008-6652 1 Insanevisions 1 Onecms 2026-04-23 N/A
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter.
CVE-2008-1890 2 Azrul, Joomla 2 Jom Comment, Joomla 2026-04-23 N/A
SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-1895 1 Carboncommunities 1 Carbon Communities 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3) option_Update.asp in an edit action.
CVE-2009-3961 1 Jos De Ruijter 1 Superseriousstats 2026-04-23 N/A
SQL injection vulnerability in user.php in Super Serious Stats (aka superseriousstats) before 1.1.2p1 allows remote attackers to execute arbitrary SQL commands via the uid parameter, related to an "incorrect regexp." NOTE: some of these details are obtained from third party information.
CVE-2008-5198 1 Vizzed 1 Acmlmboard 2026-04-23 N/A
SQL injection vulnerability in memberlist.php in Acmlmboard 1.A2 allows remote attackers to execute arbitrary SQL commands via the pow parameter.
CVE-2008-5196 1 Php-fusion 2 Php-fusion, The Kroax Module 2026-04-23 N/A
SQL injection vulnerability in kroax.php in the Kroax (the_kroax) 4.42 and earlier module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2008-5195 1 Sebrac 1 Sebraccms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SebracCMS (sbcms) 0.4 allow remote attackers to execute arbitrary SQL commands via (1) the recid parameter to cms/form/read.php, (2) the uname parameter to cms/index.php, and other unspecified vectors.
CVE-2008-5192 1 Philboard 1 Philboard 2026-04-23 N/A
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920.
CVE-2009-3813 1 Runcms 1 Runcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php.