Search Results (19686 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6106 1 Alstrasoft 1 E-friends 2026-04-23 N/A
SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewevent action.
CVE-2007-6217 1 Irola 1 My-time 2026-04-23 N/A
Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remote attackers to execute arbitrary SQL commands via the (1) login (aka Username) and (2) password parameters. NOTE: some of these details are obtained from third party information.
CVE-2008-2983 1 Cwh Underground 1 Demo4 Cms 2026-04-23 N/A
SQL injection vulnerability in index.php in Demo4 CMS 01 Beta allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-7114 1 Ifusionservices 1 Ifdate 2026-04-23 N/A
SQL injection vulnerability in members_search.php in iFusion Services iFdate 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the name field.
CVE-2008-7119 1 Webidsupport 1 Webid 2026-04-23 N/A
SQL injection vulnerability in item.php in WeBid auction script 0.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2995 1 Phpeasydata 1 Phpeasydata 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHPEasyData 1.5.4 allow remote attackers to execute arbitrary SQL commands via (1) the annuaire parameter to annuaire.php or (2) the username field in admin/login.php.
CVE-2008-2999 1 Drupal 2 Aggregation Module, Drupal 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Aggregation module 5.x before 5.x-4.4 for Drupal allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6728 1 Phpnuke 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in the Sections module in PHP-Nuke, probably before 8.0, allows remote attackers to execute arbitrary SQL commands via the artid parameter in a printpage action to modules.php.
CVE-2008-2012 1 Postnuke Software Foundation 1 Postschedule 2026-04-23 N/A
SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action.
CVE-2008-6721 1 Ajsquare 1 Aj Article 2026-04-23 N/A
SQL injection vulnerability in index.php in AJ Square AJ Article allows remote attackers to execute arbitrary SQL commands via the txtName parameter (aka the username field).
CVE-2008-1789 1 Prozilla 1 Forum 2026-04-23 N/A
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.
CVE-2008-1990 1 Acidcat 1 Acidcat Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Acidcat CMS 3.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) cID parameter to default.asp and the (2) username parameter to main_login2.asp.
CVE-2008-3185 1 Vclcomponents 1 Relative Real Estate Systems 2026-04-23 N/A
SQL injection vulnerability in index.php in Relative Real Estate Systems 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the listing_id parameter in a listings action.
CVE-2008-6692 2 Fr.simon Rundell, Typo3 2 Pd Trainingcourses, Typo3 2026-04-23 N/A
SQL injection vulnerability in Diocese of Portsmouth Training Courses (pd_trainingcourses) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6593 2 Lightneasy, Sqlite 2 Lightneasy, Sqlite 2026-04-23 N/A
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
CVE-2008-1758 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.
CVE-2008-3193 1 Sclek 1 Jsite 2026-04-23 N/A
SQL injection vulnerability in jSite 1.0 OE allows remote attackers to execute arbitrary SQL commands via the page parameter to the default URI.
CVE-2008-6471 1 Mountaingrafix 1 Easylink 2026-04-23 N/A
SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a show action.
CVE-2008-2446 1 Wgcc 1 Web Group Communication Center 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php.
CVE-2008-4176 1 Asp Indir 1 Fot Video Scripti 2026-04-23 N/A
SQL injection vulnerability in izle.asp in FoT Video scripti 1.1 beta allows remote attackers to execute arbitrary SQL commands via the oyun parameter.