Search Results (19713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6210 1 Dream4 1 Koobi 2026-04-23 N/A
SQL injection vulnerability in index.php in dream4 Koobi 4.4 and 5.4 allows remote attackers to execute arbitrary SQL commands via the img_id parameter in the gallerypic page.
CVE-2008-6429 2 Joomla, Mike Leeper 2 Joomla, Com Prayercenter 2026-04-23 N/A
SQL injection vulnerability in the PrayerCenter (com_prayercenter) component 1.4.9 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view_request action to index2.php.
CVE-2008-6204 1 Supernet 1 Supernet Shop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp.
CVE-2008-6430 1 Joomla 2 Com Mycontent, Joomla 2026-04-23 N/A
SQL injection vulnerability in the MyContent (com_mycontent) component 1.1.13 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to index.php.
CVE-2009-4204 1 Ringsworld 1 Flashlight Free Edition 2026-04-23 N/A
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2009-4206 1 Cmsnx 1 Million Dollar Text Links 2026-04-23 N/A
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-6203 1 Jakob-persson 1 Cobalt 2026-04-23 N/A
SQL injection vulnerability in adminler.asp in CoBaLT 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4208 1 Open-school 1 Open-school 2026-04-23 N/A
SQL injection vulnerability in the os_news module in Open-school (OS) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to index.php.
CVE-2008-6043 1 Phpprobid 1 Php Pro Bid 2026-04-23 N/A
Multiple SQL injection vulnerabilities in PHP Pro Bid (PPB) 6.04 allow remote attackers to execute arbitrary SQL commands via the (1) order_field and (2) order_type parameters to categories.php and unspecified other components. NOTE: some of these details are obtained from third party information.
CVE-2008-6032 1 Wsn 1 Links 2026-04-23 N/A
SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-0880 1 Phpnuke 1 Easycontent Module 2026-04-23 N/A
SQL injection vulnerability in modules.php in the EasyContent module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-6028 1 University Of Queensland 1 Fez 2026-04-23 N/A
SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote attackers to execute arbitrary SQL commands via the parent_id parameter in a subject action.
CVE-2008-1758 1 Kwsphp 1 Kwsphp 2026-04-23 N/A
SQL injection vulnerability in the ConcoursPhoto module for KwsPHP allows remote attackers to execute arbitrary SQL commands via the C_ID parameter to index.php.
CVE-2008-0856 1 E-vision 1 E-vision Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0855 2 Joomla, Mambo 2 Com Facileforms, Com Facileforms 2026-04-23 N/A
SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.
CVE-2008-6020 1 Drupal 2 Drupal, Views 2026-04-23 N/A
SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."
CVE-2008-6593 2 Lightneasy, Sqlite 2 Lightneasy, Sqlite 2026-04-23 N/A
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and earlier allows remote attackers to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
CVE-2008-6019 1 Do-cms 1 Do-cms 2026-04-23 N/A
SQL injection vulnerability in index.php in EACOMM DO-CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-0850 1 Dokeos 1 Dokeos 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Dokeos 1.8.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to whoisonline.php, (2) tracking_list_coaches_column parameter to main/mySpace/index.php, (3) tutor_name parameter to main/create_course/add_course.php, the (4) Referer HTTP header to index.php, and the (5) X-Fowarded-For HTTP header to main/admin/class_list.php.
CVE-2008-6013 1 Openfreeway 1 Freeway 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Freeway before 1.4.3.210 allow remote attackers to execute arbitrary SQL commands via unspecified vectors involving the (1) advanced search result and (2) service resource pages.