Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-2337
SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the spam_id parameter.
W3bcms Gaestebuch Guestbook Module 3.0.0
1 EDB exploit
755
VMScore
CVE-2008-4524
SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote malicious users to execute arbitrary SQL commands via the user_name parameter.
Adaptcms Adaptcms 1.3
1 EDB exploit
685
VMScore
CVE-2009-1661
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the rating parameter to index.php.
Anoldman Utopic 1.0
1 EDB exploit
655
VMScore
CVE-2014-5521
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
Xrms Crm Project Xrms Crm 1.99.2
1 EDB exploit
755
VMScore
CVE-2009-1345
SQL injection vulnerability in document.php in cpCommerce 1.2.8 allows remote malicious users to execute arbitrary SQL commands via the id_document parameter.
Cpcommerce Cpcommerce 1.2.8
1 EDB exploit
755
VMScore
CVE-2009-3713
SQL injection vulnerability in fichero.php in MorcegoCMS 1.7.6 and previous versions allows remote malicious users to execute arbitrary SQL commands via the query string.
Morcego Morcegocms
Morcego Morcegocms 1.5.0
Morcego Morcegocms 1.1.0
Morcego Morcegocms 0.9.6
1 EDB exploit
755
VMScore
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirm...
Devellion Cubecart 3.0.7-pl1
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.7
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.4
Devellion Cubecart 3.0.11
1 EDB exploit
755
VMScore
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
755
VMScore
CVE-2010-0945
SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Hotbrackets Com Hotbrackets
1 EDB exploit
755
VMScore
CVE-2008-4357
SQL injection vulnerability in linkto.php in Powie pLink 2.07 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Plink 2.07
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »