Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-5649
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Alstrasoft Article Manager Pro 1.6
1 EDB exploit
1000
VMScore
CVE-2008-5334
PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote malicious users to execute arbitrary PHP code via a URL in the root parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
1000
VMScore
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
1000
VMScore
CVE-2008-0735
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote malicious users to execute arbitrary SQL commands via the albums parameter.
Auracms Auracms 2.2
1 EDB exploit
1000
VMScore
CVE-2007-6172
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
1000
VMScore
CVE-2007-5452
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
Php-stats Php-stats 0.1.9.2
1 EDB exploit
1000
VMScore
CVE-2007-3824
SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows remote malicious users to execute arbitrary SQL commands via the katID parameter.
Mehmet Zati Karahan Mzk Blog
1 EDB exploit
1000
VMScore
CVE-2007-3629
SQL injection vulnerability in oku.asp in Levent Veysi Portal 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Levent Veysi Portal Levent Veysi Portal 1.0
1 EDB exploit
1000
VMScore
CVE-2007-3515
SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Sweetphp Totalcalendar
1 EDB exploit
1000
VMScore
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »