Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5097
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php.
Freereprintables Articlefr
1 EDB exploit
NA
CVE-2013-2559
SQL injection vulnerability in Symphony CMS prior to 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Getsymphony Symphony 2.0
Getsymphony Symphony 2.0.3
Getsymphony Symphony 2.0.4
Getsymphony Symphony 2.0.5
Getsymphony Symphony 2.0.6
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.1.0
Getsymphony Symphony 2.1.1
Getsymphony Symphony 2.3
Getsymphony Symphony
1 EDB exploit
9.8
CVSSv3
CVE-2019-16692
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
Phpipam Phpipam
1 EDB exploit
1 Github repository
NA
CVE-2015-1517
SQL injection vulnerability in Piwigo prior to 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.
Piwigo Piwigo
1 EDB exploit
9.8
CVSSv3
CVE-2017-15977
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
Protectedlinks Expiring Download Links 1.0
1 EDB exploit
NA
CVE-2012-1673
SQL injection vulnerability in loginscript.php in e-ticketing allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Ola Lasisi E-ticketing -
1 EDB exploit
9.8
CVSSv3
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
NA
CVE-2010-42783
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
NA
CVE-2010-42792
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
NA
CVE-2010-42804
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »