Export limit exceeded: 18393 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18393 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-1841 | 1 Coppermine | 1 Coppermine Photo Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in the session handling functionality in bridge/coppermine.inc.php in Coppermine Photo Gallery (CPG) 1.4.17 and earlier allows remote attackers to execute arbitrary SQL commands via an input field associated with the session_id variable, as exploited in the wild in April 2008. NOTE: the fix for CVE-2008-1840 was intended to address this vulnerability, but is actually inapplicable. | ||||
| CVE-2008-1843 | 1 W2b | 1 Dating Club | 2025-04-09 | N/A |
| SQL injection vulnerability in browse.php in W2B DatingClub (aka Dating Club) allows remote attackers to execute arbitrary SQL commands via the age_to parameter in a browsebyCat action. | ||||
| CVE-2008-1844 | 1 W2b | 1 Phphotresources | 2025-04-09 | N/A |
| SQL injection vulnerability in cat.php in W2B phpHotResources allows remote attackers to execute arbitrary SQL commands via the kind parameter. | ||||
| CVE-2008-1858 | 1 724cms | 1 724cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in 724Networks 724CMS 4.01 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-1864 | 1 Prozilla | 1 Prozilla Freelancers | 2025-04-09 | N/A |
| SQL injection vulnerability in project.php in Prozilla Freelancers allows remote attackers to execute arbitrary SQL commands via the project parameter. | ||||
| CVE-2008-1863 | 1 Prozilla | 1 Cheats | 2025-04-09 | N/A |
| SQL injection vulnerability in view_reviews.php in Prozilla Cheat Script (aka Cheats) 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1859 | 1 Iscripts | 1 Socialware | 2025-04-09 | N/A |
| SQL injection vulnerability in events.php in iScripts SocialWare allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action. | ||||
| CVE-2008-1869 | 1 Site Sift Media | 1 Site Sift Listings | 2025-04-09 | N/A |
| SQL injection vulnerability in Site Sift Listings allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. NOTE: this issue might be site-specific. | ||||
| CVE-2008-1870 | 1 Geek247 | 1 Pigmy-sql | 2025-04-09 | N/A |
| SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1871 | 1 Scriptsagent | 1 Links Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in links.php in Scriptsagent.com Links Directory 1.1 allows remote authenticated users to execute arbitrary SQL commands via the cat_id parameter in a list action. | ||||
| CVE-2008-1872 | 1 Comdev | 1 Comdev News Publisher | 2025-04-09 | N/A |
| SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote attackers to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1875 | 1 Terong | 1 Advanced Web Photo Gallery | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter. | ||||
| CVE-2008-1890 | 2 Azrul, Joomla | 2 Jom Comment, Joomla | 2025-04-09 | N/A |
| SQL injection vulnerability in the Jom Comment 2.0 build 345 component for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1889 | 1 Xplodphp | 1 Autotutorials | 2025-04-09 | N/A |
| SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1909 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2025-04-09 | N/A |
| SQL injection vulnerability in comment.php in PHP Knowledge Base (PHPKB) 1.5 and 2.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2008-1907 | 1 Cpcommerce | 1 Cpcommerce | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in functions/display_page.func.php in cpCommerce 1.1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_product, (2) id_manufacturer, and (3) id_category parameters to unspecified components. NOTE: this probably overlaps CVE-2007-2959 and CVE-2007-2890. | ||||
| CVE-2008-1913 | 1 Lasernet Cms | 1 Lasernet Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Lasernet CMS 1.5 and 1.11, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the new parameter in a new action. | ||||
| CVE-2008-1915 | 1 Devworx | 1 Blogworx | 2025-04-09 | N/A |
| SQL injection vulnerability in view.asp in DevWorx BlogWorx 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-1918 | 1 Php-fusion | 1 Php-fusion | 2025-04-09 | N/A |
| SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action. NOTE: it was later reported that 7.00.2 is also affected. | ||||
| CVE-2008-1919 | 1 Yourfreeworld | 1 Apartment Search Script | 2025-04-09 | N/A |
| SQL injection vulnerability in listtest.php in YourFreeWorld Apartment Search Script allows remote attackers to execute arbitrary SQL commands via the r parameter. | ||||