Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4280
Multiple SQL injection vulnerabilities in Pandora FMS prior to 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estad...
Artica Pandora Fms 3.0
Artica Pandora Fms 3.1
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
2 EDB exploits
10
CVSSv2
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
7.5
CVSSv2
CVE-2017-17999
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote malicious users to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
Fairsketch Rise Ultimate Project Manager 1.9
1 EDB exploit
7.5
CVSSv2
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
7.5
CVSSv2
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-14738
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
Filerun Filerun
1 EDB exploit
7.5
CVSSv2
CVE-2007-6559
Multiple SQL injection vulnerabilities in Logaholic prior to 2.0 RC8 allow remote malicious users to execute arbitrary SQL commands via (1) the from parameter to index.php or (2) the page parameter to update.php.
Logaholic Logaholic 0
2 EDB exploits
7.5
CVSSv2
CVE-2015-3933
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS prior to 0.0.3-patch allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
Metalgenix Genixcms
1 EDB exploit
6.5
CVSSv2
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
6.8
CVSSv2
CVE-2019-11600
A SQL injection vulnerability in the activities API in OpenProject prior to 8.3.2 allows a remote malicious user to execute arbitrary SQL commands via the id parameter. The attack can be performed unauthenticated if OpenProject is configured not to require authentication for API ...
Openproject Openproject
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »