Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-3661
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
Blueconstantmedia Com Djcatalog
1 EDB exploit
6
CVSSv2
CVE-2015-1517
SQL injection vulnerability in Piwigo prior to 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.
Piwigo Piwigo
1 EDB exploit
NA
CVE-2010-42805
Pandora FMS versions 3.1 and below suffer from authentication bypass, os command injection, remote SQL injection, remote file inclusion and path traversal vulnerabilities.
7.5
CVSSv2
CVE-2018-5978
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
Zechat Project Zechat 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2018-5979
SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field.
Wchat Project Wchat 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2014-5097
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php.
Freereprintables Articlefr
1 EDB exploit
7.5
CVSSv2
CVE-2018-5984
SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI.
Tumder Project Tumder 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2018-5977
SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request.
Getaffiligator Affiligator 2.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-6089
SQL injection vulnerability in PhpCollab 2.5.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to ...
Phpcollab Phpcollab
1 EDB exploit
7.5
CVSSv2
CVE-2017-7997
Multiple SQL injection vulnerabilities in Gespage prior to 7.4.9 allow remote malicious users to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
Gespage Gespage
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »