Export limit exceeded: 18362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (18362 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6632 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-09 | N/A |
| SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']). | ||||
| CVE-2008-6633 | 1 Beaussier | 1 Roomphplanning | 2025-04-09 | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idresa parameter to resaopen.php. | ||||
| CVE-2008-6634 | 1 Beaussier | 1 Roomphplanning | 2025-04-09 | N/A |
| SQL injection vulnerability in RoomPHPlanning 1.5 allows remote attackers to execute arbitrary SQL commands via the idroom parameter to weekview.php. | ||||
| CVE-2008-6911 | 1 Brewblogger | 1 Brewblogger | 2025-04-09 | N/A |
| SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.inc.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6917 | 1 Exoscripts | 1 Exophpdesk | 2025-04-09 | N/A |
| SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote attackers to execute arbitrary SQL commands via the username (user parameter). | ||||
| CVE-2008-6941 | 1 Turnkeyforms | 1 Web Hosting Directory | 2025-04-09 | N/A |
| SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field. | ||||
| CVE-2008-6950 | 1 Webhost-panel | 1 Bankoi Webhosting Control Panel | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.asp in Bankoi WebHosting Control Panel 1.20 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field. | ||||
| CVE-2008-6952 | 1 Cms.maury91 | 1 Maurycms | 2025-04-09 | N/A |
| SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and earlier allows remote attackers to execute arbitrary SQL commands via the c parameter. | ||||
| CVE-2008-6964 | 1 X7 Group | 1 X7 Chat | 2025-04-09 | N/A |
| SQL injection vulnerability in the login page in X7 Chat 2.0.5 allows remote attackers to execute arbitrary SQL commands via the password field. | ||||
| CVE-2008-6968 | 1 Pligg | 1 Pligg Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in submit.php in Pligg CMS 9.9.5 allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) id parameters. | ||||
| CVE-2008-6970 | 1 Ubbcentral | 1 Ubb.threads | 2025-04-09 | N/A |
| SQL injection vulnerability in dosearch.inc.php in UBB.threads 7.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the Forum[] array parameter. | ||||
| CVE-2008-6980 | 1 Phpadultsite | 1 Phpadultsite Cms | 2025-04-09 | N/A |
| SQL injection vulnerability in as_archives.php in phpAdultSite CMS, possibly 2.3.2, allows remote attackers to execute arbitrary SQL commands via the results_per_page parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-6985 | 1 Zen-cart | 1 Zen Cart | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart. | ||||
| CVE-2008-6986 | 1 Zen-cart | 1 Zen Cart | 2025-04-09 | N/A |
| SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985. | ||||
| CVE-2008-6989 | 1 Ezphotogallery | 1 Ezphotogallery | 2025-04-09 | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-6990 | 1 Ezphotogallery | 1 Ezphotogallery | 2025-04-09 | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6991 | 1 Cmsbright | 1 Cmsbright | 2025-04-09 | N/A |
| SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter. | ||||
| CVE-2008-6992 | 1 Greensql | 1 Greensql Firewall | 2025-04-09 | N/A |
| GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL. | ||||
| CVE-2008-7003 | 1 The-rat-cms | 1 The-rat-cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote attackers to execute arbitrary SQL commands via the (1) user_id and (2) password parameter. | ||||
| CVE-2008-7030 | 1 Site2nite | 1 Real Estate Web | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in Site2Nite Real Estate Web allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password field to an unspecified component, possibly agentlist.asp. NOTE: this issue was disclosed by an unreliable researcher, so it might be incorrect. | ||||