Search Results (19798 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6467 1 Dieselscripts 1 Diesel Job Site 2026-04-23 N/A
SQL injection vulnerability in jobs/jobseekers/job-info.php in Diesel Job Site allows remote attackers to execute arbitrary SQL commands via the job_id parameter.
CVE-2008-6461 2 Fr.simon Rundell, Typo3 2 Ste Prayer2, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Random Prayer 2 (ste_prayer2) extension before 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4070 1 Gforge 1 Gforge 2026-04-23 N/A
SQL injection vulnerability in GForge 4.5.14, 4.7.3, and possibly other versions allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6460 2 Mirko Werner, Typo3 2 Mw Random Objects, Typo3 2026-04-23 N/A
SQL injection vulnerability in the Simple Random Objects (mw_random_objects) extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2789 1 Basic-cms 1 Basic-cms 2026-04-23 N/A
SQL injection vulnerability in pages/index.php in BASIC-CMS allows remote attackers to execute arbitrary SQL commands via the page_id parameter.
CVE-2008-6459 1 Typo3 2 Autobeuser, Typo3 2026-04-23 N/A
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6458 2 Dieter Mayer, Typo3 2 Fe Address Edit, Typo3 2026-04-23 N/A
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2632 1 Joomla 2 Com Acctexp, Joomla 2026-04-23 N/A
SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.
CVE-2008-6457 2 Typo3, Walnutstreet 2 Typo3, Cgswigmore 2026-04-23 N/A
SQL injection vulnerability in the Swigmore institute (cgswigmore) extension before 0.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-2460 1 Vbulletin 1 Vbulletin 2026-04-23 N/A
SQL injection vulnerability in faq.php in vBulletin 3.7.0 Gold allows remote attackers to execute arbitrary SQL commands via the q parameter in a search action.
CVE-2008-2451 1 Inmedias 1 Statistics 2026-04-23 N/A
Multiple SQL injection vulnerabilities in the Statistics (aka ke_stats) extension 0.1.2 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-5490 1 Okulumunsitesi 1 Portal 2026-04-23 N/A
SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-2339 1 Turnkeywebtools 1 Sunshop Shopping Cart 2026-04-23 N/A
SQL injection vulnerability in index.php in Turnkey Web Tools SunShop Shopping Cart 3.5.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action, a different vector than CVE-2008-2038, CVE-2007-4597, and CVE-2007-2549.
CVE-2008-6381 1 Bcoos 1 Bcoos 2026-04-23 N/A
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter.
CVE-2008-2096 1 Backlinkspider 1 Backlink Spider 2026-04-23 N/A
SQL injection vulnerability in BackLinkSpider allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to a site-specific component name such as link.php or backlinkspider.php.
CVE-2008-6379 1 Mxmania 1 Gallery Mx 2026-04-23 N/A
SQL injection vulnerability in pics_pre.asp in Gallery MX 2.0.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2008-6376 1 Nexusjnr 1 Jbook 2026-04-23 N/A
SQL injection vulnerability in main.asp in Jbook allows remote attackers to execute arbitrary SQL commands via the password (pass parameter).
CVE-2008-6364 1 Adserversolutions 1 Banner Exchange Software 2026-04-23 N/A
SQL injection vulnerability in logon_process.jsp in Ad Server Solutions Banner Exchange Solution Java allows remote attackers to execute arbitrary SQL commands via the (1) username (uname parameter) and (2) password (pass parameter). NOTE: some of these details are obtained from third party information.
CVE-2008-2029 1 Minibb 1 Minibb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
CVE-2008-4746 1 Uniwin 1 Ecart Professional 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Uniwin eCart Professional 2.0.17 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to (1) search.asp and (2) cartUtil.asp.