Total
19450 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | ||||
| CVE-2009-3358 | 1 Tourismscripts | 1 Adult Portal Escort Listing | 2026-04-23 | N/A |
| SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2009-3356 | 1 Plohni | 1 Image Voting | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter. | ||||
| CVE-2006-6706 | 1 Soumu | 3 Koukyoumuke Soumu Workflow, Soumo Workflow, Soumu Workflow | 2026-04-23 | N/A |
| SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors in certain web pages. | ||||
| CVE-2006-6848 | 1 Aspticker | 1 Aspticker | 2026-04-23 | N/A |
| SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter. | ||||
| CVE-2009-3326 | 1 Cmscontrol | 1 Cmscontrol | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the id_menu parameter. | ||||
| CVE-2009-3321 | 1 Saphplesson | 1 Saphplesson | 2026-04-23 | N/A |
| SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header. | ||||
| CVE-2006-6880 | 1 Php-update | 1 Php-update | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter. | ||||
| CVE-2009-3315 | 1 Nelogic | 1 Nephp Publisher | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/index.php in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 allows remote attackers to execute arbitrary SQL commands via the Username field. | ||||
| CVE-2008-5977 | 1 Preprojects | 1 Php Jobwebsite Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action. | ||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | ||||
| CVE-2009-0279 | 1 Pardalcms | 1 Pardalcms | 2026-04-23 | N/A |
| SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2009-3314 | 1 Eliteladders | 1 Elite Gaming Ladders | 2026-04-23 | N/A |
| SQL injection vulnerability in ladders.php in Elite Gaming Ladders 3.2 allows remote attackers to execute arbitrary SQL commands via the platform parameter. | ||||
| CVE-2009-3313 | 1 Fmyclone | 1 Fmyclone | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in FMyClone 2.3 allow remote attackers to execute arbitrary SQL commands via the comp parameter to (1) index.php and (2) editComments.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the id parameter in a comment action to edit.php. | ||||
| CVE-2009-4360 | 2 Handcoders, Xoops | 2 Content Module, Xoops | 2026-04-23 | N/A |
| SQL injection vulnerability in modules/content/index.php in the Content module 0.5 for XOOPS allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2009-3223 | 1 Inoutscripts | 1 Inout Adserver | 2026-04-23 | N/A |
| SQL injection vulnerability in ppc-add-keywords.php in Inout Adserver allows remote authenticated users to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-7118 | 1 Dmxready | 1 Site Engine Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2009-3252 | 1 Dave Robinson | 1 Rockbandcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in news.php in Rock Band CMS 0.10 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) id parameters. | ||||
| CVE-2009-3218 | 1 The-ghost | 1 Ar Web Content Manager | 2026-04-23 | N/A |
| SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2009-3217 | 1 Wiccle | 1 Iwiccle | 2026-04-23 | N/A |
| SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php. | ||||