Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2019-0708
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulne...
Microsoft Windows Vista -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
Microsoft Windows 7 -
5 EDB exploits
2 Metasploit modules
170 Github repositories
10 Articles
1000
VMScore
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
1 EDB exploit
1000
VMScore
CVE-2006-5675
Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite prior to 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these s...
Pentaho Business Intelligence Suite 1.2 Rc2
1 EDB exploit
1000
VMScore
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB prior to 7.6.00.30 allows remote malicious users to execute arbitrary code via a long database name when connecting via a WebDBM client.
Mysql Maxdb
Sap-db Sap-db
1 EDB exploit
1000
VMScore
CVE-2005-0684
Multiple buffer overflows in the web tool for MySQL MaxDB prior to 7.5.00.26 allows remote malicious users to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functiona...
Mysql Maxdb 7.5.00.08
Mysql Maxdb 7.5.00.19
Mysql Maxdb 7.5.00.12
Mysql Maxdb 7.5.00.14
Mysql Maxdb 7.5.00.15
Mysql Maxdb 7.5.00.16
Mysql Maxdb 7.5.00
Mysql Maxdb 7.5.00.11
Mysql Maxdb 7.5.00.18
Mysql Maxdb 7.5.00.23
1 EDB exploit
1000
VMScore
CVE-2004-0627
The check_scramble_323 function in MySQL 4.1.x prior to 4.1.3, and 5.0, allows remote malicious users to bypass authentication via a zero-length scrambled string.
Mysql Mysql 4.1.0
1 EDB exploit
945
VMScore
CVE-2012-2627
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allows remote malicious users to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.
Sonicwall Scrutinizer
1 EDB exploit
940
VMScore
CVE-2020-13851
Artica Pandora FMS 7.44 allows remote command execution via the events feature.
Pandorafms Pandora Fms 7.44
1 Metasploit module
1 Github repository
935
VMScore
CVE-2007-1628
Multiple PHP remote file inclusion vulnerabilities in Study planner (Studiewijzer) 0.15 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the SPL_CFG[dirroot] parameter to (1) service.alert.inc.php or ...
Studiewijzer Studiewijzer 0.13
Studiewijzer Studiewijzer 0.14
Studiewijzer Studiewijzer 0.15
1 EDB exploit
935
VMScore
CVE-2007-1439
PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the home parameter.
Bitesser Mysql Commander
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »