Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3719
Cross-site scripting (XSS) vulnerability in comment.asp in Battle Blog 1.25 and 1.30 build 2 allows remote malicious users to inject arbitrary web script or HTML via a comment.
Davethewebguy Battle Blog 1.25
Davethewebguy Battle Blog 1.30
1 EDB exploit
6.5
CVSSv2
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
7.5
CVSSv2
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
5
CVSSv2
CVE-2019-14430
plugin/Audit/Objects/AuditTable.php in YouPHPTube up to and including 7.2 allows SQL Injection.
Youphptube Youphptube
1 EDB exploit
7.5
CVSSv2
CVE-2017-14738
FileRun (version 2017.09.18 and below) suffers from a remote SQL injection vulnerability due to a failure to sanitize input in the metafield parameter inside the metasearch module (under the search function).
Filerun Filerun
1 EDB exploit
7.5
CVSSv2
CVE-2006-3474
Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to (a) gbrowse.php, (2) card_id parameter to (b) rating.php and (c) create.php, and the (3) event_id parameter to (d) s...
Belchior Foundry Vcard Pro
4 EDB exploits
7.5
CVSSv2
CVE-2008-5875
SQL injection vulnerability in the com_lowcosthotels component in the Hotel Booking Reservation System (aka HBS) for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Joomlahbs Com Lowcosthotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
7.5
CVSSv2
CVE-2007-4956
Multiple SQL injection vulnerabilities in KwsPHP 1.0 allow remote malicious users to execute arbitrary SQL commands via (1) the pseudo parameter to login.php, (2) the id parameter to index.php in a carnet editer action in the Member_Space (espace_membre) module, or (3) the typena...
Kwsphp Kwsphp 1.0
3 EDB exploits
7.5
CVSSv2
CVE-2008-5874
Multiple SQL injection vulnerabilities in the Hotel Booking Reservation System (aka HBS) for Joomla! allow remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php in the (1) com_allhotels or (2) com_5starhotels modul...
Joomlahbs Com Allhotels Nil
Joomlahbs Com 5starhotels Nil
Joomlahbs Hotel Booking Reservation System Nil
3 EDB exploits
7.5
CVSSv2
CVE-2008-5865
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Joomlahbs Hotel Booking Reservation System 1.0.0
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »