Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5895
SQL injection vulnerability in connection.php in Mediatheka 4.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Mediatheka Mediatheka 4.2
1 EDB exploit
6.8
CVSSv2
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
1 EDB exploit
7.5
CVSSv2
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6303
SQL injection vulnerability in tourview.php in ToursManager allows remote malicious users to execute arbitrary SQL commands via the tourid parameter.
Toursmanager Tours Manager -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6652
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the sitename parameter.
Insanevisions Onecms 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-3208
Multiple SQL injection vulnerabilities in phpfreeBB 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to permalink.php and (2) year parameter to index.php.
Prakashatma Mishra Phpfreebb 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3502
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote malicious users to execute arbitrary SQL commands via the music_id parameter.
Bpowerhouse Bpmusic 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3503
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
Bpowerhouse Bpholidaylettings 1.0
1 EDB exploit
6.5
CVSSv2
CVE-2014-9258
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI prior to 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
Glpi-project Glpi
1 EDB exploit
7.5
CVSSv2
CVE-2014-100003
SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the ym_download_id parameter to the default URI.
Yourmembers Project Yourmembers -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »