Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0983
SQL injection vulnerability in Scriptsez.net Ez Album allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Scriptsez Ez Album -
1 EDB exploit
NA
CVE-2010-4143
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpcheckz Phpcheckz 1.1.0
1 EDB exploit
NA
CVE-2009-3503
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
Bpowerhouse Bpholidaylettings 1.0
1 EDB exploit
NA
CVE-2008-0358
SQL injection vulnerability in index.php in Pixelpost 1.7 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter.
Pixelpost Pixelpost 1.7
1 EDB exploit
NA
CVE-2009-4058
SQL injection vulnerability in allauctions.php in Telebid Auction Script allows remote malicious users to execute arbitrary SQL commands via the aid parameter.
Telebidauctionscript Telebid Auction Script
1 EDB exploit
NA
CVE-2009-4229
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote malicious users to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-042...
Activewebsoftwares Active Bids
1 EDB exploit
NA
CVE-2009-4436
Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote malicious users to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706.
Activewebsoftwares Ewebquiz 8.0
1 EDB exploit
NA
CVE-2007-5643
Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the CategoryID parameter to ajax/sortcategories.php or (2) an unspecified vector to ajax/sortroles.php.
Lussumo Vanilla
1 EDB exploit
NA
CVE-2007-5630
SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 up to and including 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a tnews action.
Bbsprocess Bbportals 2.0
Bbsprocess Bbportals 1.5.10
Bbsprocess Bbportals 1.5.11
Bbsprocess Bbportals 1.6.2
1 EDB exploit
NA
CVE-2007-5644
Lussumo Vanilla 1.1.3 and previous versions does not require admin privileges for (1) ajax/sortcategories.php and (2) ajax/sortroles.php, which allows remote malicious users to conduct unauthorized sort operations and other activities.
Lussumo Vanilla
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »