Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6962
SQL injection vulnerability in the web application in Farol allows remote malicious users to execute arbitrary SQL commands via the email parameter to tkmonitor/estrutura/login/Login.actions.php.
Teiko Farol -
1 EDB exploit
NA
CVE-2020-249161
Yaws versions 1.81 through 2.0.7 suffer from remote OS command injection and XML external entity injection vulnerabilities.
8.8
CVSSv3
CVE-2018-19908
An issue exists in MISP 2.4.9x prior to 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the ori...
Misp Misp
NA
CVE-2008-5891
Cross-site scripting (XSS) vulnerability in the profile editing functionality in Injader prior to 2.1.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: some of these details are obtained from third party information.
Injader Injader 2.0.2
Injader Injader
Injader Injader 2.1.0
Injader Injader 2.0.3
Injader Injader 1.6.1
1 EDB exploit
NA
CVE-2014-3829
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variabl...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
1 EDB exploit
NA
CVE-2005-2989
Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
5 EDB exploits
NA
CVE-2010-4280
Multiple SQL injection vulnerabilities in Pandora FMS prior to 3.1.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the id_group parameter in an operation/agentes/ver_agente action to ajax.php or (2) the group_id parameter in an operation/agentes/estad...
Artica Pandora Fms 3.0
Artica Pandora Fms 3.1
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
2 EDB exploits
NA
CVE-2009-2439
Multiple SQL injection vulnerabilities in Web Development House Alibaba Clone allow remote malicious users to execute arbitrary SQL commands via the (1) IndustryID parameter to category.php and the (2) SellerID parameter to supplier/view_contact_details.php. NOTE: this is a produ...
Web Development House Alibaba Clone
2 EDB exploits
NA
CVE-2008-5781
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Cfagcms Cfagcms 1.0
2 EDB exploits
NA
CVE-2010-1740
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote malicious users to execute arbitrary SQL commands via the lng parameter.
Freeguppy Guppy 4.5.18
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »