Total
19521 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-6695 | 2 Frank Naegler, Typo3 | 2 Timtab Sociable, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in TIMTAB social bookmark icons (timtab_sociable) 2.0.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2008-6749 | 1 China-on-site | 1 Flexphpdirectory | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters. | ||||
| CVE-2008-7059 | 1 Aled Owen | 1 One-news | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in One-News Beta 2 allows remote attackers to execute arbitrary SQL commands via the q parameter. | ||||
| CVE-2009-2788 | 1 Mobilelib | 1 Mobilelib Gold | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the (1) adminName parameter to cp/auth.php, (2) cid parameter to artcat.php, and (3) catid parameter to show.php. | ||||
| CVE-2009-0373 | 2 Elearningforce, Joomla | 2 Flash Magazine Deluxe, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the ElearningForce Flash Magazine Deluxe (com_flashmagazinedeluxe) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mag_id parameter in a magazine action to index.php. | ||||
| CVE-2008-0543 | 1 Pre Projects | 1 Pre Dynamic Institution | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Pre Dynamic Institution allow remote attackers to execute arbitrary SQL commands via the (1) sloginid and (2) spass parameters to (a) login.asp and (b) siteadmin/login.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-0616 | 1 Dmsguestbook Project | 1 Dmsguestbook | 2026-04-23 | N/A |
| SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2008-0649 | 1 Adp | 1 Astanda Directory Project | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in Astanda Directory Project (ADP) 1.2 and 1.3 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | ||||
| CVE-2008-0918 | 2 Astats, Joomla | 2 Astatspro, Com Astatspro | 2026-04-23 | N/A |
| SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-6261 | 1 E-topbiz | 1 Admanager | 2026-04-23 | N/A |
| SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote attackers to execute arbitrary SQL commands via the group parameter. | ||||
| CVE-2008-1137 | 2 Joomla, Mambo | 2 Com Garyscookbook, Com Garyscookbook | 2026-04-23 | N/A |
| SQL injection vulnerability in the Garys Cookbook (com_garyscookbook) 1.1.1 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php. | ||||
| CVE-2008-1298 | 2 Kyantonius, Php-nuke | 2 Hadith Module, Hadith Module | 2026-04-23 | N/A |
| SQL injection vulnerability in Hadith module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the cat parameter in a viewcat action to modules.php. | ||||
| CVE-2008-1699 | 1 Desiquintans | 1 Writers Block Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in permalink.php in Desi Quintans Writer's Block CMS 3.8a allows remote attackers to execute arbitrary SQL commands via the PostID parameter. | ||||
| CVE-2009-2098 | 1 Micheal Glazer | 1 Phportal | 2026-04-23 | N/A |
| SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2858 | 1 Webchamado | 1 Webchamado | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-2122 | 2 Paolo Palmonari, Wordpress | 2 Photoracer Plugin For Wordpress, Wordpress | 2026-04-23 | N/A |
| SQL injection vulnerability in viewimg.php in the Paolo Palmonari Photoracer plugin 1.0 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2008-2428 | 1 Torrenttrader | 1 Torrenttrader Classic | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in TorrentTrader 1.08 Classic allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) wantusername parameter to account-signup.php, or the (3) receiver parameter to account-inbox.php in a msg action. | ||||
| CVE-2008-2479 | 1 Badongo | 1 Phpfix | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php. | ||||
| CVE-2008-2867 | 1 E-topbiz | 1 Viral Dx 1 | 2026-04-23 | N/A |
| SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. | ||||
| CVE-2008-2906 | 1 Webchamado | 1 Webchamado | 2026-04-23 | N/A |
| SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote attackers to execute arbitrary SQL commands via the tsk_id parameter. | ||||