Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-2081
Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua prior to 2013.2.4 and 2014.x prior to 2014.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter.
Iii Vtls-virtua 2014.1.0
Iii Vtls-virtua 2013.2.3
1 EDB exploit
7.5
CVSSv2
CVE-2018-7474
An issue exists in Textpattern CMS 4.6.2 and previous versions. It is possible to inject SQL code in the variable "qty" on the page index.php.
Textpattern Textpattern
1 EDB exploit
7.5
CVSSv2
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
7.5
CVSSv2
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
Abisoftgt Ticketly 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
7.5
CVSSv2
CVE-2010-1583
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! prior to 0.6.3, allows remote malicious users to execute arbitrary SQL commands via the username field in a login action.
Taskfreak Taskfreak\\! 0.5.5
Taskfreak Taskfreak\\! 0.5.6
Taskfreak Taskfreak\\! 0.5.3
Taskfreak Taskfreak\\! 0.1.2
Taskfreak Taskfreak\\! 0.1
Taskfreak Taskfreak\\! 0.4.2
Taskfreak Taskfreak\\! 0.5.0
Taskfreak Taskfreak\\! 0.4.1
Taskfreak Taskfreak\\! 0.4.0
Taskfreak Taskfreak\\! 0.6.0
Taskfreak Taskfreak\\! 0.5.4
Taskfreak Taskfreak\\! 0.5.7
Taskfreak Taskfreak\\!
Taskfreak Taskfreak\\! 0.6.1
Taskfreak Taskfreak\\! 0.5.1
Taskfreak Taskfreak\\! 0.5.2
Taskfreak Taskfreak\\! 0.1.4
Taskfreak Taskfreak\\! 0.1.3
Tirzen Tirzen Framework 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2017-14738
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
Filerun Filerun
1 EDB exploit
7.5
CVSSv2
CVE-2014-4194
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
Aas9 Zerocms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2017-17999
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote malicious users to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
Fairsketch Rise Ultimate Project Manager 1.9
1 EDB exploit
7.5
CVSSv2
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »