Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5978
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
Zechat Project Zechat 1.5
1 EDB exploit
9.8
CVSSv3
CVE-2017-17970
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_ra...
Muvikoscript Muviko 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2019-16692
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
Phpipam Phpipam
1 EDB exploit
1 Github repository
NA
CVE-2015-1517
SQL injection vulnerability in Piwigo prior to 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.
Piwigo Piwigo
1 EDB exploit
NA
CVE-2014-8507
Multiple SQL injection vulnerabilities in the queryLastApp method in packages/WAPPushManager/src/com/android/smspush/WapPushManager.java in the WAPPushManager module in Android prior to 5.0.0 allow remote malicious users to execute arbitrary SQL commands, and consequently launch ...
Google Android 4.0.3
Google Android 4.0.2
Google Android 4.0.1
Google Android 4.0
Google Android 2.3.2
Google Android 2.3.1
Google Android 4.4
Google Android 4.3.1
Google Android 4.3
Google Android 4.2.2
Google Android 4.2.1
Google Android 3.2
Google Android 3.1
Google Android 3.0
Google Android 2.3.7
Google Android 2.1
Google Android 2.0.1
Google Android 2.0
Google Android 1.6
Google Android 2.3
Google Android 2.2.3
Google Android
1 EDB exploit
9.8
CVSSv3
CVE-2017-6089
SQL injection vulnerability in PhpCollab 2.5.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to ...
Phpcollab Phpcollab
1 EDB exploit
9.8
CVSSv3
CVE-2017-7997
Multiple SQL injection vulnerabilities in Gespage prior to 7.4.9 allow remote malicious users to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
Gespage Gespage
1 EDB exploit
7.5
CVSSv3
CVE-2016-7508
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote malicious user to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding.
Glpi-project Glpi 0.90.4
1 EDB exploit
NA
CVE-2014-5097
Multiple SQL injection vulnerabilities in Free Reprintables ArticleFR 3.0.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) get or (2) set action to rate.php.
Freereprintables Articlefr
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »