Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-3500
Multiple SQL injection vulnerabilities in BPowerHouse BPGames 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to main.php and (2) game_id parameter to game.php.
Bpowerhouse Bpgames 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3502
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote malicious users to execute arbitrary SQL commands via the music_id parameter.
Bpowerhouse Bpmusic 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-2919
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote malicious users to execute arbitrary SQL commands via the sort parameter.
Gryphonllc Gryphon Gllcts2 4.2.4
1 EDB exploit
5
CVSSv2
CVE-2007-6623
Absolute path traversal vulnerability in ZeusCMS 0.3 and previous versions might allow remote malicious users to list arbitrary directories via a full pathname in the dir parameter.
Zeuscms Zeuscms
1 EDB exploit
6.5
CVSSv2
CVE-2014-9258
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI prior to 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
Glpi-project Glpi
1 EDB exploit
7.5
CVSSv2
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6303
SQL injection vulnerability in tourview.php in ToursManager allows remote malicious users to execute arbitrary SQL commands via the tourid parameter.
Toursmanager Tours Manager -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6322
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote malicious users to execute arbitrary SQL commands via the categorynbr parameter.
Cfmsource Cfmblog -
1 EDB exploit
7.5
CVSSv2
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote malicious users to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
Coldgen Coldusergroup 1.06
1 EDB exploit
7.5
CVSSv2
CVE-2012-2952
SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the add_ons parameter.
Jaow Jaow
Jaow Jaow 2.4
Jaow Jaow 2.3
Jaow Jaow 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »