Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5863
SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote malicious users to execute arbitrary SQL commands via the y parameter in a get_user action.
V-gn Userlocator 3.0
1 EDB exploit
NA
CVE-2008-5895
SQL injection vulnerability in connection.php in Mediatheka 4.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Mediatheka Mediatheka 4.2
1 EDB exploit
NA
CVE-2007-6622
SQL injection vulnerability in security.php in ZeusCMS 0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2007-6623
Absolute path traversal vulnerability in ZeusCMS 0.3 and previous versions might allow remote malicious users to list arbitrary directories via a full pathname in the dir parameter.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2009-4351
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the Email (aka username) parameter.
Wscreator Wscreator 1.1
1 EDB exploit
NA
CVE-2009-3500
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
Bpowerhouse Bpgames 1.0
1 EDB exploit
NA
CVE-2009-4436
Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote malicious users to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.
Activewebsoftwares Ewebquiz 8.0
1 EDB exploit
NA
CVE-2010-1073
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
Joshprakash Com Jembed
1 EDB exploit
NA
CVE-2008-2770
SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter.
Mycrocms Mycrocms 0.5
1 EDB exploit
NA
CVE-2009-0405
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the var parameter.
Smartsitecms Smartsitecms 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »