Export limit exceeded: 21010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10002 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18368 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18368 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-3591 | 1 21degrees | 1 Symphony | 2025-04-09 | N/A |
| SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary SQL commands via the sym_auth cookie in a /publish/filemanager/ request to index.php. | ||||
| CVE-2008-3590 | 1 Egi Zaberl | 1 E.z. Poll | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in admin/login.asp in E. Z. Poll 2 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3588 | 1 Phsblog | 1 Phsblog | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in phsBlog 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to comments.php, (2) cid parameter to index.php, and the (3) urltitle parameter to entries.php. | ||||
| CVE-2008-3586 | 1 Joomla | 1 Com Ezstore | 2025-04-09 | N/A |
| SQL injection vulnerability in the EZ Store (com_ezstore) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-3585 | 1 Pozscripts | 1 Greencart Php Shopping Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in PozScripts GreenCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) product_desc.php and (2) store_info.php. | ||||
| CVE-2008-3582 | 1 Keld | 1 Php-mysql News Script | 2025-04-09 | N/A |
| SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-3580 | 1 Qsoft | 1 K-links | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Links allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to visit.php, or the PATH_INFO to the default URI under (2) report/, (3) addreview/, or (4) refer/. | ||||
| CVE-2008-3563 | 1 Plogger | 1 Plogger | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the checked array parameter to plog-download.php in an album action and (2) unspecified parameters to plog-remote.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the activate parameter to admin/plog-themes.php, related to theme_dir settings. | ||||
| CVE-2008-3561 | 1 Powergap | 1 Shopsystem | 2025-04-09 | N/A |
| SQL injection vulnerability in s03.php in Powergap Shopsystem, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ag parameter. | ||||
| CVE-2008-3556 | 1 Haudenschilt | 1 Battlenet Clan Script | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522. | ||||
| CVE-2008-3554 | 1 Comsenz | 1 Discuz | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action. | ||||
| CVE-2008-3513 | 1 Php Nuke | 1 Basis Consultant Book Catalog | 2025-04-09 | N/A |
| SQL injection vulnerability in the Book Catalog module 1.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the catid parameter in a category action to modules.php. | ||||
| CVE-2008-3512 | 1 Php Nuke | 1 Kleinanzeigen Module | 2025-04-09 | N/A |
| SQL injection vulnerability in the Kleinanzeigen module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the lid parameter in a visit action to modules.php. | ||||
| CVE-2008-3507 | 1 Wogan May | 1 Litenews | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in LiteNews 0.1 (aka 01), and possibly 1.2 and earlier, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | ||||
| CVE-2008-3506 | 1 Polypager | 1 Polypager | 2025-04-09 | N/A |
| SQL injection vulnerability in PolyPager 1.0 rc2 and earlier allows remote attackers to execute arbitrary SQL commands via the nr parameter to the default URI. | ||||
| CVE-2008-3498 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2025-04-09 | N/A |
| SQL injection vulnerability in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cid parameter in an orders action to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-3497 | 1 Myphp Cms | 1 Myphp Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in pages.php in MyPHP CMS 0.3.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | ||||
| CVE-2008-3495 | 1 Aspindir | 1 Pcshey Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in kategori.asp in Pcshey Portal allows remote attackers to execute arbitrary SQL commands via the kid parameter. | ||||
| CVE-2008-3491 | 1 Scripts24 | 2 Ipost, Itgp | 2025-04-09 | N/A |
| SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a report action. | ||||
| CVE-2008-3490 | 1 E-topbiz | 1 Online Dating | 2025-04-09 | N/A |
| SQL injection vulnerability in members/mail.php in E-topbiz Online Dating 3 1.0 allows remote authenticated users to execute arbitrary SQL commands via the mail_id parameter in a veiw action. | ||||