Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mysql vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2012-2961
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0
1 EDB exploit
755
VMScore
CVE-2011-4899
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and previous versions does not ensure that the specified MySQL database service is appropriate, which allows remote malicious users to configure an arbitrary database via the dbhost and dbname parameters, ...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.0.11
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 0.711
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
Wordpress Wordpress 0.7
Wordpress Wordpress 2.1.3
Wordpress Wordpress 3.0
Wordpress Wordpress 2.8
1 EDB exploit
755
VMScore
CVE-2011-1513
Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote malicious users to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
E107 E107 0.7.21
E107 E107 0.7.20
E107 E107 0.7.17
E107 E107 0.7.13
E107 E107 0.7.7
E107 E107 0.7.6
E107 E107 0.605
E107 E107 0.7.2
E107 E107 0.7.11
E107 E107 0.7.9
E107 E107 0.7.12
E107 E107 0.7.1
E107 E107 0.7
E107 E107 0.603
E107 E107 0.602
E107 E107 0.608
E107 E107 0.609
E107 E107 0.610
E107 E107 0.616
E107 E107 0.617
E107 E107 0.552
E107 E107 0.553
1 EDB exploit
755
VMScore
CVE-2009-4484
Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL prior to 1.9.9, as used in mysqld in MySQL 5.0.x prior to 5.0.90, MySQL 5.1.x prior to 5.1.43, MySQL 5.5.x up to and including 5.5.0-m2, and other products, allow remote...
Oracle Mysql 5.0.0
Oracle Mysql
Wolfssl Yassl
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Mariadb Mariadb
1 EDB exploit
755
VMScore
CVE-2008-6992
GreenSQL Firewall (greensql-fw), possibly prior to 0.9.2 or 0.9.4, allows remote malicious users to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
Greensql Greensql Firewall 0.3.4
Greensql Greensql Firewall
Greensql Greensql Firewall 0.3.5
Greensql Greensql Firewall 0.8.2
1 EDB exploit
755
VMScore
CVE-2008-6813
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote malicious users to execute arbitrary SQL commands via the id_kat parameter.
Surat Kabar Phpwebnews 0.2
1 EDB exploit
755
VMScore
CVE-2008-6812
SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote malicious users to execute arbitrary SQL commands via the det parameter.
Surat Kabar Phpwebnews 0.1
Surat Kabar Phpwebnews
1 EDB exploit
755
VMScore
CVE-2008-5738
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
Nodstrum Mysql Calendar 1.1
Nodstrum Mysql Calendar 1.2
1 EDB exploit
755
VMScore
CVE-2008-5737
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Nodstrum Mysql Calendar 1.2
Nodstrum Mysql Calendar 1.1
1 EDB exploit
755
VMScore
CVE-2008-5069
SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Deeserver Panuwat Promoteweb Mysql
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »