Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2015-2844
The cpanel function in go_site.php in GoAutoDial GoAdmin CE prior to 3.3-1420434000 allows remote malicious users to execute arbitrary commands via the $action portion of the PATH_INFO.
Goautodial Goadmin Ce 3.0
Goautodial Goadmin Ce 3.3
1 EDB exploit
3 Github repositories
1000
VMScore
CVE-2015-2845
The cpanel function in go_site.php in GoAutoDial GoAdmin CE prior to 3.3-1421902800 allows remote malicious users to execute arbitrary commands via the $type portion of the PATH_INFO.
Goautodial Goadmin Ce 3.0
Goautodial Goadmin Ce 3.3
2 EDB exploits
3 Github repositories
1000
VMScore
CVE-2014-3829
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variabl...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
1 EDB exploit
1000
VMScore
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
1000
VMScore
CVE-2012-6275
Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote malicious users to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.
Bigantsoft Bigant Im Message Server -
1 EDB exploit
1000
VMScore
CVE-2012-2953
The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary commands via crafted input to application scripts.
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.3
2 EDB exploits
1000
VMScore
CVE-2012-3859
Unspecified vulnerability in the WebAdmin Portal in Netsweeper has unknown impact and attack vectors, a different vulnerability than CVE-2012-2446 and CVE-2012-2447.
Netsweeper Netsweeper
1 EDB exploit
1000
VMScore
CVE-2012-1002
SQL injection vulnerability in author/edit.php in OpenConf 4.x prior to 4.12 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Zakongroup Openconf 4.10
Zakongroup Openconf 4.11
Zakongroup Openconf 4.02
Zakongroup Openconf 4.01
Zakongroup Openconf 4.00
1 EDB exploit
1000
VMScore
CVE-2011-1653
Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 allow remote malicious users to execute arbitrary SQL commands via vectors involving the (1) UnAssignFunctionalRoles, (2) UnassignAdminRoles, (3) DeleteFilte...
Broadcom Total Defense R12
1 EDB exploit
1000
VMScore
CVE-2010-4279
The default configuration of Pandora FMS 3.1 and previous versions specifies an empty string for the loginhash_pwd field, which allows remote malicious users to bypass authentication by sending a request to index.php with "admin" in the loginhash_user parameter, in conj...
Artica Pandora Fms 1.3
Artica Pandora Fms 1.2
Artica Pandora Fms 2.1.1
Artica Pandora Fms
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 1.3.1
Artica Pandora Fms 2.1
Artica Pandora Fms 3.1
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »