Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5979
SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field.
Wchat Project Wchat 1.5
1 EDB exploit
9.8
CVSSv3
CVE-2018-5972
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.
Quickad Project Quickad 4.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5977
SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request.
Getaffiligator Affiligator 2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5978
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
Zechat Project Zechat 1.5
1 EDB exploit
NA
CVE-2009-3661
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
Blueconstantmedia Com Djcatalog
1 EDB exploit
9.8
CVSSv3
CVE-2017-6089
SQL injection vulnerability in PhpCollab 2.5.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to ...
Phpcollab Phpcollab
1 EDB exploit
9.8
CVSSv3
CVE-2017-17970
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_ra...
Muvikoscript Muviko 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
7.5
CVSSv3
CVE-2016-7508
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote malicious user to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding.
Glpi-project Glpi 0.90.4
1 EDB exploit
9.8
CVSSv3
CVE-2018-5984
SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI.
Tumder Project Tumder 2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »