Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-0358
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter.
Pixelpost Pixelpost 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-4229
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote malicious users to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-042...
Activewebsoftwares Active Bids
1 EDB exploit
7.5
CVSSv2
CVE-2009-4436
Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote malicious users to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.
Activewebsoftwares Ewebquiz 8.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and previous versions makes it easier for remote malicious users to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON"...
Pc4arb Pc4 Uploader
1 EDB exploit
4.3
CVSSv2
CVE-2010-4913
Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows remote malicious users to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some of these details are obtained from third party information.
Coldgen Coldusergroup 1.06
1 EDB exploit
7.5
CVSSv2
CVE-2010-4916
Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote malicious users to execute arbitrary SQL commands via the (1) ArticleID or (2) LibraryID parameter.
Coldgen Coldusergroup 1.06
1 EDB exploit
7.5
CVSSv2
CVE-2008-5292
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Videogirls Videogirls Biz Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5293
SQL injection vulnerability in index.php in WebStudio eHotel allows remote malicious users to execute arbitrary SQL commands via the pageid parameter.
Bdigital Web Solutions Webstudio Ehotel Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5336
SQL injection vulnerability in index.php in WebStudio CMS allows remote malicious users to execute arbitrary SQL commands via the pageid parameter.
Bdigital Web Solutions Webstudio Cms Nil
1 EDB exploit
7.5
CVSSv2
CVE-2014-100003
SQL injection vulnerability in includes/ym-download_functions.include.php in the Code Futures YourMembers plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the ym_download_id parameter to the default URI.
Yourmembers Project Yourmembers -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »