Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

blind sql injection vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2

CVE-2008-1870

SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sqlGeek247 Pigmy-sql 1.4
6.8
CVSSv2

CVE-2012-3350

SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Valarsoft Webmatic 3.1.1
7.5
CVSSv2

CVE-2014-9254

bb_func_unsub.php in MiniBB 3.1 prior to 20141127 uses an incorrect regular expression, which allows remote malicious users to conduct SQl injection attacks via the code parameter in an unsubscribe action to index.php.
Minibb Minibb
7.5
CVSSv2

CVE-2013-5697

SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and previous versions for Apache allows remote malicious users to execute arbitrary SQL commands via a Host header.
Simone Tellini Mod Accounting
7.5
CVSSv2

CVE-2008-5864

SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Joomlahbs Com Tophotelmodule 1.0.0Joomlahbs Hotel Booking Reservation System 1.0.0
7.5
CVSSv2

CVE-2008-5865

SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Joomlahbs Hotel Booking Reservation System 1.0.0
9.8
CVSSv3

CVE-2016-4337

SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore prior to 4.7.5 allows remote malicious users to execute arbitrary SQL commands via the email parameter in a recover_login action.
Ktools Photostore
6.5
CVSSv2

CVE-2014-3857

Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) prior to 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Kerio ControlKerio Control 8.3.0
9.8
CVSSv3

CVE-2016-7400

Multiple SQL injection vulnerabilities in Exponent CMS prior to 2.4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id ...
Exponentcms Exponent Cms
6
CVSSv2

CVE-2008-1918

SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magic_quotes_gpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submit_info[] parameter in a link submission action....
Php-fusion Php-fusion 6.00.307Php-fusion Php-fusion 6.01.14
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
path traversalCVE-2025-2657CVE-2025-30066CVE-2025-24813apache commons vfsCVE-2025-2478validationCVE-2025-2674code injectionmedical card generation systemmicrosoft edge (chromium-based)CVE-2025-2688cicadascms
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook