Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
7.5
CVSSv2
CVE-2014-8596
Multiple SQL injection vulnerabilities in PHP-Fusion 7.02.07 allow remote authenticated users to execute arbitrary SQL commands via the (1) submit_id parameter in a 2 action to files/administration/submissions.php or (2) status parameter to files/administration/members.php.
Php-fusion Php-fusion 7.02.07
1 EDB exploit
7.5
CVSSv2
CVE-2005-4500
SQL injection vulnerability in MusicBox 2.3 allows remote malicious users to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered.
Musicbox Musicbox 2.3
2 EDB exploits
7.5
CVSSv2
CVE-2014-3749
SQL injection vulnerability in Construtiva CIS Manager allows remote malicious users to execute arbitrary SQL commands via the email parameter to autenticar/lembrarlogin.asp.
Construtiva Cis Manager Cms -
1 EDB exploit
7.5
CVSSv2
CVE-2015-1467
Multiple SQL injection vulnerabilities in Translations in Fork CMS prior to 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.
Fork-cms Fork Cms
1 EDB exploit
7.5
CVSSv2
CVE-2007-6266
Multiple SQL injection vulnerabilities in bcoos 1.0.10 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (...
Bcoos Bcoos 1.0.10
2 EDB exploits
7.5
CVSSv2
CVE-2006-5236
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter.
4homepages 4images 1.7.3
4homepages 4images 1.7.1
2 EDB exploits
6.5
CVSSv2
CVE-2014-3868
Multiple SQL injection vulnerabilities in ZeusCart 4.x.
Zeuscart Zeuscart 4.0
1 EDB exploit
6.8
CVSSv2
CVE-2012-3350
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Valarsoft Webmatic 3.1.1
1 EDB exploit
6.8
CVSSv2
CVE-2008-0681
SQL injection vulnerability in index.php in PHPShop 0.8.1 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter, as demonstrated by a shop/flypage action.
Phpshop Phpshop 0.8.1
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »