Export limit exceeded: 18393 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18393 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3780 | 1 Review-script | 1 Five Star Review Script | 2025-04-09 | N/A |
| SQL injection vulnerability in recommend.php in Five Star Review Script allows remote attackers to execute arbitrary SQL commands via the item_id parameter. | ||||
| CVE-2008-3783 | 1 Matterdaddy | 1 Matterdaddy Market | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Matterdaddy Market 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) type parameters. | ||||
| CVE-2008-3784 | 2 Btitracker Project, Xbtitracker Project | 2 Btitracker, Xbtitracker | 2025-04-09 | N/A |
| SQL injection vulnerability in scrape.php in BtiTracker 1.4.7 and earlier and xBtiTracker 2.0.542 and earlier allows remote attackers to execute arbitrary SQL commands via the info_hash parameter. | ||||
| CVE-2008-3785 | 1 Miacms | 1 Miacms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in the com_content component in MiaCMS 4.6.5 allow remote attackers to execute arbitrary SQL commands via the id parameter in a (1) view, (2) category, or (3) blogsection action to index.php. | ||||
| CVE-2008-3787 | 1 Nullscripts | 1 Web Directory Script | 2025-04-09 | N/A |
| SQL injection vulnerability in listing_view.php in Web Directory Script 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||
| CVE-2008-3788 | 1 Picturespro | 1 Picturespro Photo Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) qtitle, (2) qid, and (3) qyear parameters to (a) search.php, and the (4) email and (5) password parameters to (b) _login.php. | ||||
| CVE-2008-3845 | 1 Craftysyntax | 1 Crafty Syntax Live Help | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and earlier allow remote attackers to execute arbitrary SQL commands via the department parameter to (1) is_xmlhttp.php and (2) is_flush.php. | ||||
| CVE-2008-3848 | 1 Pdesigner | 1 Z-breaknews | 2025-04-09 | N/A |
| SQL injection vulnerability in single.php in Z-Breaknews 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-3861 | 1 Phpmyrealty | 1 Phpmyrealty | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | ||||
| CVE-2008-3867 | 1 Cce-interact | 1 Interact | 2025-04-09 | N/A |
| SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter. | ||||
| CVE-2008-3880 | 1 Zoneminder | 1 Zoneminder | 2025-04-09 | N/A |
| SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary SQL commands via the filter array parameter. | ||||
| CVE-2008-4431 | 1 Icebb | 1 Icebb | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php. | ||||
| CVE-2008-4433 | 2 Rmsoft, Xoops | 2 Minishop Module, Xoops | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in the RMSOFT MiniShop module 1.0 for Xoops might allow remote attackers to execute arbitrary SQL commands via the itemsxpag parameter. | ||||
| CVE-2008-4461 | 1 Vastal I-tech | 1 Dating Zone | 2025-04-09 | N/A |
| SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote attackers to execute arbitrary SQL commands via the fage parameter. | ||||
| CVE-2008-4436 | 1 Bblog | 1 Wbblog | 2025-04-09 | N/A |
| SQL injection vulnerability in bblog_plugins/builtin.help.php in bBlog 0.7.6 allows remote attackers to execute arbitrary SQL commands via the mod parameter. | ||||
| CVE-2008-4457 | 1 Memht | 1 Memht Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in inc/inc_statistics.php in MemHT Portal 3.9.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via a stats_res cookie to index.php. | ||||
| CVE-2008-4458 | 1 E-php Scripts | 1 B2b Trading Marketplace Script | 2025-04-09 | N/A |
| SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action. | ||||
| CVE-2008-4459 | 1 Extrovert Software | 1 Thyme | 2025-04-09 | N/A |
| SQL injection vulnerability in pick_users.php in the groups module in eXtrovert Thyme 1.3 allows remote attackers to execute arbitrary SQL commands via the uname_search parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4462 | 1 Vastal I-tech | 1 Visa Zone | 2025-04-09 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Visa Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4463 | 1 Vastal I-tech | 1 Jobs Zone | 2025-04-09 | N/A |
| SQL injection vulnerability in view_news.php in Vastal I-Tech Jobs Zone allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||