Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5865
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Joomlahbs Hotel Booking Reservation System 1.0.0
4 EDB exploits
9.8
CVSSv3
CVE-2021-45029
Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
Apache Shenyu 2.4.0
Apache Shenyu 2.4.1
NA
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
NA
CVE-2005-1417
Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote malicious users to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, ...
Maxwebportal Maxwebportal 1.3.5
Maxwebportal Maxwebportal 2.0
Maxwebportal Maxwebportal 1.3.1
Maxwebportal Maxwebportal 1.3.3
Maxwebportal Maxwebportal 1.3.0
Maxwebportal Maxwebportal 1.3.2
5 EDB exploits
NA
CVE-2008-5191
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote malicious users to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
Seportal Seportal 2.4
3 EDB exploits
NA
CVE-2005-4259
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote malicious users to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenance of this issue is unkno...
Aspbb Aspbb 0.4
3 EDB exploits
NA
CVE-2006-1372
Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm.
Benson It Solutions 1webcalendar
3 EDB exploits
NA
CVE-2005-3682
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote malicious users to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
Wizz Forum Wizz Forum 1.20
3 EDB exploits
NA
CVE-2005-4228
Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) im...
Phpwebgallery Phpwebgallery 1.0
Phpwebgallery Phpwebgallery 1.5.0
Phpwebgallery Phpwebgallery 1.6.0
Phpwebgallery Phpwebgallery 1.7.0
Phpwebgallery Phpwebgallery 1.1
Phpwebgallery Phpwebgallery 1.3.1
Phpwebgallery Phpwebgallery
Phpwebgallery Phpwebgallery 1.6.1
Phpwebgallery Phpwebgallery 1.7.1
Phpwebgallery Phpwebgallery 1.6
Phpwebgallery Phpwebgallery 1.5.2
Phpwebgallery Phpwebgallery 1.3.2
Phpwebgallery Phpwebgallery 1.3.0
Phpwebgallery Phpwebgallery 1.3.4
Phpwebgallery Phpwebgallery 1.3.3
Phpwebgallery Phpwebgallery 1.2.1
Phpwebgallery Phpwebgallery 1.4.0
Phpwebgallery Phpwebgallery 1.6.2
Phpwebgallery Phpwebgallery 1.5.1
Phpwebgallery Phpwebgallery 1.4.1
3 EDB exploits
NA
CVE-2008-4895
SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Downline Builder Script
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »