Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mr.sql vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3491
SQL injection vulnerability in go.php in Scripts24 iPost 1.0.1 and iTGP 1.0.4 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a report action.
Scripts24 Ipost 1.0.1
Scripts24 Itgp 1.0.4
2 EDB exploits
NA
CVE-2008-3351
SQL injection vulnerability in atomPhotoBlog.php in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 allows remote malicious users to execute arbitrary SQL commands via the photoId parameter in a show action.
Atomphotoblog Atomphotoblog 1.1.5
Atomphotoblog Atomphotoblog 1.0.9.1
2 EDB exploits
NA
CVE-2009-3116
SQL injection vulnerability in index.php in Uiga Church Portal allows remote malicious users to execute arbitrary SQL commands via the year parameter in a calendar action.
Uiga Church Portal
1 EDB exploit
NA
CVE-2008-6663
SQL injection vulnerability in profile.php in PHPAuctions.info PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the auction_id parameter, a different vector than CVE-2009-0106.
Phpauctions Phpauctions
1 EDB exploit
NA
CVE-2008-2796
SQL injection vulnerability in index.php in FreeCMS 0.2 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Freecms.us Freecms 0.2
1 EDB exploit
NA
CVE-2008-3771
Cross-site scripting (XSS) vulnerability in members.php in Pars4u Videosharing 1 allows remote malicious users to inject arbitrary web script or HTML via the PageNo parameter.
Pars4u Videosharing 1
1 EDB exploit
NA
CVE-2008-3772
SQL injection vulnerability in categories_portal.php in Pars4u Videosharing 1 allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter.
Pars4u Videosharing 1
1 EDB exploit
NA
CVE-2008-3779
Cross-site scripting (XSS) vulnerability in search/index.php in Five Star Review Script allows remote malicious users to inject arbitrary web script or HTML via the words parameter in a search action.
Review-script Five Star Review Script
1 EDB exploit
NA
CVE-2008-2393
SQL injection vulnerability in play.php in EntertainmentScript 1.4.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Entertainmentscript Entertainmentscript 1.4.0
1 EDB exploit
NA
CVE-2008-3309
SQL injection vulnerability in info_book.asp in DigiLeave 1.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the book_id parameter.
Digiappz Digileave
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »