Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5644
Lussumo Vanilla 1.1.3 and previous versions does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote malicious users to conduct unauthorized sort operations and other activities.
Lussumo Vanilla
1 EDB exploit
7.5
CVSSv2
CVE-2008-3382
SQL injection vulnerability in mojoClassified.cgi in MojoClassifieds 2.0 allows remote malicious users to execute arbitrary SQL commands via the cat_a parameter.
Mojoscripts Mojoclassifieds 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-5630
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 up to and including 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a tnews action.
Bbsprocess Bbportals 2.0
Bbsprocess Bbportals 1.5.10
Bbsprocess Bbportals 1.5.11
Bbsprocess Bbportals 1.6.2
1 EDB exploit
7.5
CVSSv2
CVE-2014-100003
SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the ym_download_id parameter to the default URI.
Yourmembers Project Yourmembers -
1 EDB exploit
7.5
CVSSv2
CVE-2008-5292
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Videogirls Videogirls Biz Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5293
SQL injection vulnerability in index.php in WebStudio eHotel allows remote malicious users to execute arbitrary SQL commands via the pageid parameter.
Bdigital Web Solutions Webstudio Ehotel Nil
1 EDB exploit
7.5
CVSSv2
CVE-2012-0983
SQL injection vulnerability in Scriptsez.net Ez Album allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Scriptsez Ez Album -
1 EDB exploit
7.5
CVSSv2
CVE-2008-5863
SQL injection vulnerability in locator.php in the Userlocator module 3.0 for Woltlab Burning Board (wBB) allows remote malicious users to execute arbitrary SQL commands via the y parameter in a get_user action.
V-gn Userlocator 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0405
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the var parameter.
Smartsitecms Smartsitecms 1.0
1 EDB exploit
6.4
CVSSv2
CVE-2007-5261
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
Iscripts Multicart 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »