Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4229
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote malicious users to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-042...
Activewebsoftwares Active Bids
1 EDB exploit
6.8
CVSSv2
CVE-2008-0358
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter.
Pixelpost Pixelpost 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-3208
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.
Prakashatma Mishra Phpfreebb 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-3321
SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the CLIENT_IP HTTP header.
Saphplesson Saphplesson 4.3
1 EDB exploit
7.5
CVSSv2
CVE-2012-2952
SQL injection vulnerability in add_ons.php in Jaow 2.4.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the add_ons parameter.
Jaow Jaow
Jaow Jaow 2.4
Jaow Jaow 2.3
Jaow Jaow 2.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-4351
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the Email (aka username) parameter.
Wscreator Wscreator 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0405
SQL injection vulnerability in articles.php in smartSite CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the var parameter.
Smartsitecms Smartsitecms 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-4143
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpcheckz Phpcheckz 1.1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5293
SQL injection vulnerability in index.php in WebStudio eHotel allows remote malicious users to execute arbitrary SQL commands via the pageid parameter.
Bdigital Web Solutions Webstudio Ehotel Nil
1 EDB exploit
7.5
CVSSv2
CVE-2007-5630
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 up to and including 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a tnews action.
Bbsprocess Bbportals 2.0
Bbsprocess Bbportals 1.5.10
Bbsprocess Bbportals 1.5.11
Bbsprocess Bbportals 1.6.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »