Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5644
Lussumo Vanilla 1.1.3 and previous versions does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote malicious users to conduct unauthorized sort operations and other activities.
Lussumo Vanilla
1 EDB exploit
7.5
CVSSv2
CVE-2008-2815
SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mymarket Mymarket 1.72
1 EDB exploit
6.8
CVSSv2
CVE-2008-2919
SQL injection vulnerability in listing.php in Gryphon gllcTS2 4.2.4 allows remote malicious users to execute arbitrary SQL commands via the sort parameter.
Gryphonllc Gryphon Gllcts2 4.2.4
1 EDB exploit
7.5
CVSSv2
CVE-2010-1479
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the moduleid parameter in a raw action to index.php.
Rockettheme Com Rokmodule 1.1
2 EDB exploits
7.5
CVSSv2
CVE-2010-1480
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information.
Rockettheme Com Rokmodule 1.1
2 EDB exploits
7.5
CVSSv2
CVE-2010-1740
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote malicious users to execute arbitrary SQL commands via the lng parameter.
Freeguppy Guppy 4.5.18
1 EDB exploit
7.5
CVSSv2
CVE-2009-2439
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote malicious users to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a produ...
Web Development House Alibaba Clone
2 EDB exploits
7.5
CVSSv2
CVE-2014-8681
SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 up to and including 0.5.6.x prior to 0.5.6.1025 Beta allows remote malicious users to execute arbitrary SQL commands via the label parameter to user/repos/issues.
Gogits Gogs 0.4.1
Gogits Gogs 0.4.2
Gogits Gogs 0.5.0
Gogits Gogs 0.5.2
Gogits Gogs
Gogits Gogs 0.3.1-9
1 EDB exploit
7.5
CVSSv2
CVE-2006-1327
SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote malicious users to execute arbitrary SQL commands via the mail parameter.
Softbb Softbb 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2011-0646
SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Anserv Php Low Bids
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »