Vulmon
blind sql injection vulnerabilities and exploits
6.8
CVSSv2
CVE-2009-4564
SQL injection vulnerability in index.php in Zenphoto 1.2.5, when the ZenPage plugin is enabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter, related to a URI under news/category/.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-4566
SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote malicious users to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Zenphoto Zenphoto 1.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-4576
SQL injection vulnerability in the BeeHeard (com_beeheard) component 1.x for Joomla! allows remote malicious users to execute arbitrary SQL commands via the category_id parameter in a suggestions action to index.php.
Cmstactics Com Beeheard 1.4
Cmstactics Com Beeheard 1.3
Cmstactics Com Beeheard 1.2
Cmstactics Com Beeheard 1.1
Cmstactics Com Beeheard 1.4.2
Cmstactics Com Beeheard 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0279
SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Pardalcms Pardalcms 0.1.2
Pardalcms Pardalcms 0.1.1
Pardalcms Pardalcms
Pardalcms Pardalcms 0.1.3
Pardalcms Pardalcms 0.01b
Pardalcms Pardalcms 0.1a
Pardalcms Pardalcms 0.01c
1 EDB exploit
6.8
CVSSv2
CVE-2009-0295
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Itlpoll Itpoll 2.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-0333
SQL injection vulnerability in the WebAmoeba (WA) Ticket System (com_waticketsystem) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a category action to index.php.
Joomla Com Waticketsystem
1 EDB exploit
7.5
CVSSv2
CVE-2009-0379
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761.
Joomla Com Pcchess
1 EDB exploit
7.5
CVSSv2
CVE-2009-0446
SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Web-album Webalbum 2.4b
1 EDB exploit
7.5
CVSSv2
CVE-2006-4267
Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirm...
Devellion Cubecart 3.0.7-pl1
Devellion Cubecart 3.0.6
Devellion Cubecart 3.0.7
Devellion Cubecart 3.0.3
Devellion Cubecart 3.0.4
Devellion Cubecart 3.0.11
1 EDB exploit
7.5
CVSSv2
CVE-2011-0646
SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Anserv Php Low Bids
1 EDB exploit