Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
755
VMScore
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
Abisoftgt Ticketly 1.0
1 EDB exploit
383
VMScore
CVE-2013-4670
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
534
VMScore
CVE-2013-4671
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway 5.0
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
641
VMScore
CVE-2013-4672
The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Symantec Web Gateway 5.0
Symantec Web Gateway 5.0.1
Symantec Web Gateway 5.0.2
Symantec Web Gateway 5.0.3
Symantec Web Gateway 5.0.3.18
Symantec Web Gateway
Symantec Web Gateway Appliance 8450 -
Symantec Web Gateway Appliance 8490 -
755
VMScore
CVE-2010-1583
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! prior to 0.6.3, allows remote malicious users to execute arbitrary SQL commands via the username field in a login action.
Taskfreak Taskfreak\\! 0.5.5
Taskfreak Taskfreak\\! 0.5.6
Taskfreak Taskfreak\\! 0.5.3
Taskfreak Taskfreak\\! 0.1.2
Taskfreak Taskfreak\\! 0.1
Taskfreak Taskfreak\\! 0.4.2
Taskfreak Taskfreak\\! 0.5.0
Taskfreak Taskfreak\\! 0.4.1
Taskfreak Taskfreak\\! 0.4.0
Taskfreak Taskfreak\\! 0.6.0
Taskfreak Taskfreak\\! 0.5.4
Taskfreak Taskfreak\\! 0.5.7
Taskfreak Taskfreak\\!
Taskfreak Taskfreak\\! 0.6.1
Taskfreak Taskfreak\\! 0.5.1
Taskfreak Taskfreak\\! 0.5.2
Taskfreak Taskfreak\\! 0.1.4
Taskfreak Taskfreak\\! 0.1.3
Tirzen Tirzen Framework 1.5
1 EDB exploit
765
VMScore
CVE-2007-4956
Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote malicious users to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typena...
Kwsphp Kwsphp 1.0
3 EDB exploits
765
VMScore
CVE-2008-5874
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels modul...
Joomlahbs Com Allhotels Nil
Joomlahbs Com 5starhotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
765
VMScore
CVE-2008-5875
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Joomlahbs Com Lowcosthotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
770
VMScore
CVE-2008-5865
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Joomlahbs Hotel Booking Reservation System 1.0.0
4 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »