Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4058
SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote malicious users to execute arbitrary SQL commands via the aid parameter.
Telebidauctionscript Telebid Auction Script
1 EDB exploit
7.5
CVSSv2
CVE-2007-5643
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
Lussumo Vanilla
1 EDB exploit
7.5
CVSSv2
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and previous versions makes it easier for remote malicious users to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON"...
Pc4arb Pc4 Uploader
1 EDB exploit
7.5
CVSSv2
CVE-2008-6303
SQL injection vulnerability in tourview.php in ToursManager allows remote malicious users to execute arbitrary SQL commands via the tourid parameter.
Toursmanager Tours Manager -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6322
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote malicious users to execute arbitrary SQL commands via the categorynbr parameter.
Cfmsource Cfmblog -
1 EDB exploit
6.5
CVSSv2
CVE-2014-9258
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI prior to 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
Glpi-project Glpi
1 EDB exploit
6.8
CVSSv2
CVE-2009-3321
SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the CLIENT_IP HTTP header.
Saphplesson Saphplesson 4.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-3502
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote malicious users to execute arbitrary SQL commands via the music_id parameter.
Bpowerhouse Bpmusic 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3503
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
Bpowerhouse Bpholidaylettings 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-4143
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpcheckz Phpcheckz 1.1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »