Total
18800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2230 | 1 Broadcom | 1 Cleverpath Portal | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors. | |||||
| CVE-2008-3129 | 1 Catviz | 1 Catviz | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in index.php in Catviz 0.4 beta 1 allow remote attackers to execute arbitrary SQL commands via the (1) foreign_key_value parameter in the news page and (2) webpage parameter in the webpage_multi_edit form. | |||||
| CVE-2007-6393 | 1 Ace Image Hosting Script | 1 Ace Image Hosting Script | 2026-04-23 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated users to execute arbitrary SQL commands via the id parameter in editalbum mode. | |||||
| CVE-2008-5928 | 1 Flds-script | 1 Flds | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in redir.php in Free Links Directory Script (FLDS) 1.2a allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2009-2585 | 1 Mlffat | 1 Mlffat | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731. | |||||
| CVE-2009-4621 | 2 Discuz, Patching | 2 Discuz\!, Jianghu Inn | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JiangHu Inn plugin 1.1 and earlier for Discuz! allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action to forummission.php. | |||||
| CVE-2009-1804 | 1 Videoscript | 1 Youtube Video Script | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in admin/index.php in VideoScript.us YouTube Video Script allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | |||||
| CVE-2008-5630 | 1 Qualityunit | 1 Post Affiliate Pro | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 3 and 3.1.4 allows remote attackers to execute arbitrary SQL commands via the umprof_status parameter. | |||||
| CVE-2008-4884 | 1 Yourfreeworld | 1 Classifieds Hosting Script | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2008-4524 | 1 Adaptcms | 1 Adaptcms | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. | |||||
| CVE-2007-6338 | 1 Trivantis | 1 Coursemill Enterprise Learning Management System | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 allows remote attackers to execute arbitrary SQL commands via the user parameter (username field). NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3813 | 1 Runcms | 1 Runcms | 2026-04-23 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php. | |||||
| CVE-2008-1164 | 1 Phpcomasy | 1 Phpcomasy | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.8 allows remote attackers to execute arbitrary SQL commands via the mod_project_id parameter in a project_detail action. | |||||
| CVE-2008-5609 | 1 Typo3 | 2 Commerce Extension, Typo3 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2009-3316 | 2 Jforjoomla, Joomla | 2 Com Jreservation, Joomla | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php. | |||||
| CVE-2008-3563 | 1 Plogger | 1 Plogger | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the checked array parameter to plog-download.php in an album action and (2) unspecified parameters to plog-remote.php, and (3) allow remote authenticated administrators to execute arbitrary SQL commands via the activate parameter to admin/plog-themes.php, related to theme_dir settings. | |||||
| CVE-2008-3867 | 1 Cce-interact | 1 Interact | 2026-04-23 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in spaces/emailuser.php in Interact 2.4.1 allows remote attackers to execute arbitrary SQL commands via the email_user_key parameter. | |||||
| CVE-2008-2843 | 1 Doitlive | 1 Cms | 2026-04-23 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp. | |||||
| CVE-2009-2607 | 2 Joomla, Pinme | 2 Joomla, Com Pinboard | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the com_pinboard component for Joomla! allows remote attackers to execute arbitrary SQL commands via the task parameter in a showpic action to index.php. | |||||
| CVE-2008-1308 | 2 Phpnuke, Sudirman Angriawan | 2 Php-nuke, Nukec30 | 2026-04-23 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Sudirman Angriawan NukeC30 3.0 module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the id_catg parameter in a ViewCatg action to modules.php. | |||||