Total
19503 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0579 | 1 Joomla | 1 Com Buslicense | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the buslicense (com_buslicense) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in a list action. | ||||
| CVE-2008-0538 | 1 Phpip | 1 Phpip Management | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpIP Management 4.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) password parameter to login.php, the (2) id parameter to display.php, and unspecified other vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0401 | 1 Ephpscripts | 1 E-php Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in browsecats.php in E-Php CMS allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2009-0380 | 3 Joomla, Mambo-foundation, Sigsiu.net | 3 Joomla, Mambo, Sobi2 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2 | ||||
| CVE-2007-6272 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component. | ||||
| CVE-2009-0329 | 1 Joomla | 2 Com Pccookbook, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | ||||
| CVE-2009-0109 | 1 Riotpix | 1 Riotpix | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in RiotPix 0.61 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-0104 | 1 Se-ed | 1 Ezpack | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in EZpack 4.2b2 allows remote attackers to execute arbitrary SQL commands via the qType parameter in a webboard prog action. | ||||
| CVE-2008-7145 | 1 Coronamatrix | 1 Phpaddressbook | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in CoronaMatrix phpAddressBook 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) parameters. | ||||
| CVE-2009-2428 | 1 Tauschregal.de | 1 Tausch Ticket Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Tausch Ticket Script 3 allow remote attackers to execute arbitrary SQL commands via the (1) userid parameter to suchauftraege_user.php and the (2) descr parameter to vote.php; and other unspecified vectors. | ||||
| CVE-2008-7097 | 1 Qsoft-inc | 1 K-rate | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Qsoft K-Rate Premium allow remote attackers to execute arbitrary SQL commands via (1) the $id variable in admin/includes/dele_cpac.php, (2) $ord[order_id] variable in payments/payment_received.php, (3) $id variable in includes/functions.php, and (4) unspecified variables in modules/chat.php, as demonstrated via the (a) show parameter in an online action to index.php; (b) PATH_INTO to the room/ handler; (c) image and (d) id parameters in a vote action to index.php; (e) PATH_INFO to the blog/ handler; and (f) id parameter in a blog_edit action to index.php. | ||||
| CVE-2009-2427 | 1 Jobbr | 1 Jobbr | 2026-04-23 | N/A |
| SQL injection vulnerability in co-profile.php in Jobbr 2.2.7 allows remote attackers to execute arbitrary SQL commands via the emp_id parameter. | ||||
| CVE-2007-6544 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbitrary SQL commands via the lid parameter to (1) brokenfile.php, (2) visit.php, or (3) ratefile.php in modules/mydownloads/; or (4) ratelink.php, (5) modlink.php, or (6) brokenlink.php in modules/mylinks/. | ||||
| CVE-2008-7044 | 1 Ajsquare | 1 Free Polling Script | 2026-04-23 | N/A |
| SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote attackers to execute arbitrary SQL commands via the ques parameter. | ||||
| CVE-2008-6991 | 1 Cmsbright | 1 Cmsbright | 2026-04-23 | N/A |
| SQL injection vulnerability in public/page.php in Websens CMSbright allows remote attackers to execute arbitrary SQL commands via the id_rub_page parameter. | ||||
| CVE-2008-6989 | 1 Ezphotogallery | 1 Ezphotogallery | 2026-04-23 | N/A |
| SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2008-6889 | 1 Activewebsoftwares | 1 Aspreferral | 2026-04-23 | N/A |
| SQL injection vulnerability in Merchantsadd.asp in ASPReferral 5.3 allows remote attackers to execute arbitrary SQL commands via the AccountID parameter. | ||||
| CVE-2008-6880 | 1 Easysitenetwork | 1 Jokes Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in joke.php in EasySiteNetwork Free Jokes Website allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-6866 | 1 Php-nuke | 1 Current Issue Module | 2026-04-23 | N/A |
| SQL injection vulnerability in modules.php in the Current_Issue module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id parameter in a summary action. | ||||
| CVE-2008-6812 | 1 Surat Kabar | 1 Phpwebnews | 2026-04-23 | N/A |
| SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter. | ||||