Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5521
plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter.
Xrms Crm Project Xrms Crm 1.99.2
1 EDB exploit
NA
CVE-2009-1747
SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote malicious users to execute arbitrary SQL commands via the forumid parameter in a post action.
26thavenue Bspeak 1.10
1 EDB exploit
NA
CVE-2008-2416
SQL injection vulnerability in index.php in FicHive 1.0 allows remote malicious users to execute arbitrary SQL commands via the category parameter in a Fiction action, possibly related to sources/fiction.class.php.
Fichive Fichive 1.0
1 EDB exploit
NA
CVE-2006-0123
Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote malicious users to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors.
Adn Forum Adn Forum 1.0
Adn Forum Adn Forum 1.0b
1 EDB exploit
NA
CVE-2006-7101
SQL injection vulnerability in admin.php in PHPWind 5.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the AdminUser cookie.
Phpwind Phpwind
1 EDB exploit
NA
CVE-2007-5125
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1171. Reason: This candidate is a duplicate of CVE-2007-1171. Notes: All CVE users should reference CVE-2007-1171 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2007-0502
SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote malicious users to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492.
Webspell Webspell 4.01.02
1 EDB exploit
NA
CVE-2012-1116
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x prior to 2.5.2 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Joomla Joomla\\! 1.7.3
Joomla Joomla\\! 1.7.2
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 1.7.5
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 1.7.4
Joomla Joomla\\! 1.7.1
Joomla Joomla\\! 1.7.0
1 EDB exploit
NA
CVE-2008-5365
SQL injection vulnerability in VoteHistory.asp in ActiveWebSoftwares ActiveVotes 2.2 allows remote malicious users to execute arbitrary SQL commands via the AccountID parameter.
Activewebsoftwares Activevotes 2.2
1 EDB exploit
NA
CVE-2008-2918
SQL injection vulnerability in details.php in Application Dynamics Cartweaver 3.0 allows remote malicious users to execute arbitrary SQL commands via the prodId parameter, possibly a related issue to CVE-2006-2046.3.
Application Dynamics Cartweaver 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »