Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-4337
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore prior to 4.7.5 allows remote malicious users to execute arbitrary SQL commands via the email parameter in a recover_login action.
Ktools Photostore
1 EDB exploit
6.5
CVSSv2
CVE-2014-3857
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) prior to 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Kerio Control 8.3.0
Kerio Control
1 EDB exploit
7.5
CVSSv2
CVE-2016-7400
Multiple SQL injection vulnerabilities in Exponent CMS prior to 2.4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id ...
Exponentcms Exponent Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-5874
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels modul...
Joomlahbs Com Allhotels Nil
Joomlahbs Com 5starhotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
7.5
CVSSv2
CVE-2008-5875
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Joomlahbs Com Lowcosthotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
7.5
CVSSv2
CVE-2013-5694
SQL injection vulnerability in status/service/acknowledge in Opsview prior to 4.4.1 allows remote malicious users to execute arbitrary SQL commands via the service_selection parameter.
Opsview Opsview 4.2
Opsview Opsview 4.1
Opsview Opsview 2.10
Opsview Opsview 2.8
Opsview Opsview 2.7
Opsview Opsview 3.10
Opsview Opsview 3.8
Opsview Opsview 3.6
Opsview Opsview 3.4
Opsview Opsview 3.2
Opsview Opsview
Opsview Opsview 4.3
Opsview Opsview 4.0
Opsview Opsview 3.14
Opsview Opsview 3.1
Opsview Opsview 2.14
Opsview Opsview 3.12
Opsview Opsview 3.0
Opsview Opsview 2.12
1 EDB exploit
7.5
CVSSv2
CVE-2018-10969
SQL injection vulnerability in the Pie Register plugin prior to 3.0.10 for WordPress allows remote malicious users to execute arbitrary SQL commands via the invitation codes grid.
Genetechsolutions Pie Register
1 EDB exploit
7.5
CVSSv2
CVE-2008-7075
Multiple SQL injection vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 allow remote malicious users to inject arbitrary SQL commands via (1) the subcatid parameter to article.list.php; or the artid parameter to (2) article.print.php, (3) article.comments.php, (4) arti...
Kalptaru Infotech Stararticles 6.0
2 EDB exploits
7.5
CVSSv2
CVE-2014-1204
SQL injection vulnerability in Tableau Server 8.0.x prior to 8.0.7 and 8.1.x prior to 8.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be exploited by unauthenticated remote attackers if the guest user is enabled.
Tableausoftware Tableau Server 8.0.2
Tableausoftware Tableau Server 8.0.3
Tableausoftware Tableau Server 8.0.6
Tableausoftware Tableau Server 8.1
Tableausoftware Tableau Server 8.0.4
Tableausoftware Tableau Server 8.0.5
Tableausoftware Tableau Server 8.0
Tableausoftware Tableau Server 8.0.1
Tableausoftware Tableau Server 8.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-3262
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Mambo Mambo
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »