Export limit exceeded: 18387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6109 | 1 Candypress | 1 Candypress Store | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp. | ||||
| CVE-2006-6094 | 1 Dotnetindex | 1 Active News Manager | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp. | ||||
| CVE-2006-6073 | 1 Enthrallweb | 1 Eshopping Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter in productdetail.asp or the (2) categoryid parameter in products.asp. | ||||
| CVE-2006-6048 | 1 Etomite | 1 Etomite | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Etomite CMS 0.6.1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-0327 | 1 Fascript | 1 Famp3 | 2025-04-09 | N/A |
| SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-5242 | 1 Etomite | 1 Etomite | 2025-04-09 | N/A |
| SQL injection vulnerability in Etomite Content Management System (CMS) before 0.6.1.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-5221 | 1 Cahier De Textes | 1 Cahier De Textes | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php. | ||||
| CVE-2007-6587 | 1 Plogger | 1 Plogger | 2025-04-09 | N/A |
| SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-1171 | 1 Nukescripts | 1 Nukesentinel | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions before 2.5.12 allows remote attackers to execute arbitrary SQL commands via an admin cookie. | ||||
| CVE-2008-6471 | 1 Mountaingrafix | 1 Easylink | 2025-04-09 | N/A |
| SQL injection vulnerability in detail.php in MountainGrafix easyLink 1.1.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter in a show action. | ||||
| CVE-2008-5930 | 1 The Net Guys | 1 Aspired2blog | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/blog_comments.asp in The Net Guys ASPired2Blog allows remote attackers to execute arbitrary SQL commands via the BlogID parameter. | ||||
| CVE-2008-5926 | 1 Asp-dev | 1 Internal E-mail System | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in ASP-DEv Internal E-Mail System allow remote attackers to execute arbitrary SQL commands via the (1) login parameter (aka user field) or the (2) password parameter (aka pass field). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0810 | 1 Xatrix | 1 Xguestbook | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||
| CVE-2008-5888 | 1 Icash | 1 Click\&rank | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) hitcounter.asp, (2) user_delete.asp, and (3) user_update.asp; (4) the userid parameter to admin_login.asp (aka the USERNAME field in admin.asp); and (5) the PassWord parameter to admin_login.asp (aka the PASSWORD field in admin.asp). NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0651 | 1 Pedro Santana Codice | 1 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote attackers to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1513 | 1 Danneo | 1 Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Danneo CMS 0.5.1 and earlier, when the Referers statistics option is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header. | ||||
| CVE-2008-6390 | 1 Ocean12tech | 1 Membership Manager Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1539 | 1 Futurenuke | 1 Php Nuke Platinum | 2025-04-09 | N/A |
| SQL injection vulnerability in includes/dynamic_titles.php in PHP-Nuke Platinum 7.6.b.5 allows remote attackers to execute arbitrary SQL commands via the p parameter to modules.php for the Forums module. | ||||
| CVE-2008-3206 | 1 Iamilkay | 1 Yuhhu Pubs Black Cat | 2025-04-09 | N/A |
| SQL injection vulnerability in browse.groups.php in Yuhhu Pubs Black Cat allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2009-4540 | 1 Bpowerhouse | 1 Mini Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in page.php in Mini CMS 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||