Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
7.5
CVSSv2
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) prior to 11.5, NetFlow Traffic Analyzer (NTA) prior to 4.1, Network Configuration Manager...
Solarwinds Orion Voip \\& Network Quality Manager
Solarwinds Orion Server And Application Manager
Solarwinds Orion Network Configuration Manager
Solarwinds Orion User Device Tracker
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Web Performance Monitor
Solarwinds Orion Netflow Traffic Analyzer
Solarwinds Orion Ip Address Manager
1 EDB exploit
7.5
CVSSv2
CVE-2006-5236
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.
4homepages 4images 1.7.3
4homepages 4images 1.7.1
2 EDB exploits
7.5
CVSSv2
CVE-2005-4500
SQL injection vulnerability in MusicBox 2.3 allows remote malicious users to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered.
Musicbox Musicbox 2.3
2 EDB exploits
7.5
CVSSv2
CVE-2017-15984
Creative Management System (CMS) Lite 1.4 allows SQL Injection via the S parameter to index.php.
Bekirk Creative Management System Lite 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2017-15985
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
Readymadeb2bscript Basic B2b Script -
1 EDB exploit
7.5
CVSSv2
CVE-2008-5778
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote malicious users to execute arbitrary SQL commands via the linkid parameter.
Flds Script Flds 1.2a
2 EDB exploits
7.5
CVSSv2
CVE-2019-12279
Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form). NOTE: The vendor disputes this issues as not being a vulnerability because the issue does not seem to be a legitimate SQL Injection. The POC does not show any va...
Nagios Nagios Xi 5.6.1
1 EDB exploit
6.5
CVSSv2
CVE-2014-1459
SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NOTE: this can be leveraged using CSRF to allow remote malicious users to ...
Doorgets Doorgets Cms 3.0
Doorgets Doorgets Cms
Doorgets Doorgets Cms 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-2751
SQL injection vulnerability in Parodia prior to 6.809 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Parodia Parodia 6.2
Parodia Parodia 6.4
Parodia Parodia
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »