Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
5.3
CVSSv3
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube up to and including 7.2 allows SQL Injection.
Youphptube Youphptube
1 EDB exploit
7.2
CVSSv3
CVE-2017-6088
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or th...
Eyesofnetwork Eyesofnetwork
1 EDB exploit
7.2
CVSSv3
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
NA
CVE-2009-4430
SQL injection vulnerability in index.php in VirtueMart 1.0 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter in a shop.product_details shop.flypage action.
Virtuemart Virtuemart 1.0
1 EDB exploit
NA
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
NA
CVE-2007-6559
Multiple SQL injection vulnerabilities in Logaholic prior to 2.0 RC8 allow remote malicious users to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.
Logaholic Logaholic 0
2 EDB exploits
9.8
CVSSv3
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
NA
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to execute arbitrary SQL commands via the CatID parameter.
Itechscripts Itechclassifieds 3.0
2 EDB exploits
9.8
CVSSv3
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »