Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to execute arbitrary SQL commands via the CatID parameter.
Itechscripts Itechclassifieds 3.0
2 EDB exploits
NA
CVE-2013-1617
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2010-1583
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! prior to 0.6.3, allows remote malicious users to execute arbitrary SQL commands via the username field in a login action.
Taskfreak Taskfreak! 0.4.0
Taskfreak Taskfreak! 0.6.0
Taskfreak Taskfreak! 0.5.5
Taskfreak Taskfreak! 0.1.4
Taskfreak Taskfreak! 0.5.1
Taskfreak Taskfreak!
Taskfreak Taskfreak! 0.4.2
Taskfreak Taskfreak! 0.6.1
Taskfreak Taskfreak! 0.5.2
Taskfreak Taskfreak! 0.5.3
Taskfreak Taskfreak! 0.5.0
Taskfreak Taskfreak! 0.5.4
Taskfreak Taskfreak! 0.1.2
Taskfreak Taskfreak! 0.5.6
Taskfreak Taskfreak! 0.4.1
Taskfreak Taskfreak! 0.1
Taskfreak Taskfreak! 0.1.3
Taskfreak Taskfreak! 0.5.7
Tirzen Tirzen Framework 1.5
1 EDB exploit
7.2
CVSSv3
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2020-35476
A remote code execution vulnerability occurs in OpenTSDB up to and including 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.j...
Opentsdb Opentsdb
1 Metasploit module
2 Github repositories
NA
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
NA
CVE-2013-4670
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
NA
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 3.0.1
Apprain Apprain 0.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.2
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.3
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »