Vulmon
sid vulnerabilities and exploits
NA
CVE-2015-5452
SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote malicious users to execute arbitrary SQL commands via the sid cookie, as demonstrated by a request to borderpost/imp/compose.php3.
Watchguard Xcs 9.2
Watchguard Xcs 10.0
2 EDB exploits
NA
CVE-2013-3622
Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware prior to 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allows remote authenticated users to execute arbitrary code via the SID parameter.
Supermicro Intelligent Platform Management Firmware 2.24
Supermicro Intelligent Platform Management Firmware
NA
CVE-2008-6642
SQL injection vulnerability in view.php in DotContent FluentCMS 4.x allows remote malicious users to execute arbitrary SQL commands via the sid parameter. NOTE: some of these details are obtained from third party information.
Dotcontent Fluentcms 4.0
Dotcontent Fluentcms 4.1
1 EDB exploit
6.5
CVSSv3
CVE-2021-24360
The Yes/No Chart WordPress plugin prior to 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks.
Kohsei-works Yes/no Chart
NA
CVE-2006-5419
PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the dir parameter.
University Of Glasgow Specimen Image Database
1 EDB exploit
NA
CVE-2008-4370
Multiple cross-site scripting (XSS) vulnerabilities in Availscript Photo Album allow remote malicious users to inject arbitrary web script or HTML via the (1) sid parameter to pics.php and the (2) a parameter to view.php.
Availscript Availscript Photo Album
1 EDB exploit
NA
CVE-2005-3206
iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote malicious users to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.
Oracle Database Server 9.0.2.4
1 EDB exploit
NA
CVE-2004-1999
Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x up to and including 7.2 allows remote malicious users to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.8
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
NA
CVE-2000-0121
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
Microsoft Windows Nt 4.0
1 EDB exploit
NA
CVE-2008-4072
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote malicious users to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.
Phsdev Phsblog 0.2
1 EDB exploit