Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and previous versions makes it easier for remote malicious users to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON"...
Pc4arb Pc4 Uploader
1 EDB exploit
755
VMScore
CVE-2008-6652
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the sitename parameter.
Insanevisions Onecms 2.5
1 EDB exploit
755
VMScore
CVE-2008-5336
SQL injection vulnerability in index.php in WebStudio CMS allows remote malicious users to execute arbitrary SQL commands via the pageid parameter.
Bdigital Web Solutions Webstudio Cms Nil
1 EDB exploit
645
VMScore
CVE-2007-5261
Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) catid parameter to categorydetail.php and the (2) ddlCategory parameter to search.php.
Iscripts Multicart 1.0
1 EDB exploit
755
VMScore
CVE-2008-1591
The pnVarPrepForStore function in PostNuke 0.764 and previous versions skips input sanitization when magic_quotes_runtime is enabled, which allows remote malicious users to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables...
Postnuke Postnuke
1 EDB exploit
755
VMScore
CVE-2008-6322
SQL injection vulnerability in index.cfm in CFMSource CFMBlog allows remote malicious users to execute arbitrary SQL commands via the categorynbr parameter.
Cfmsource Cfmblog -
1 EDB exploit
NA
CVE-2012-33501
Webmatic version 3.1.1 suffers from a remote blind SQL injection vulnerability.
755
VMScore
CVE-2012-0983
SQL injection vulnerability in Scriptsez.net Ez Album allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Scriptsez Ez Album -
1 EDB exploit
515
VMScore
CVE-2008-6851
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Php Link Directory Php Link Directory 3.3
1 EDB exploit
755
VMScore
CVE-2008-2770
SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter.
Mycrocms Mycrocms 0.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »