Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1740
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote malicious users to execute arbitrary SQL commands via the lng parameter.
Freeguppy Guppy 4.5.18
1 EDB exploit
NA
CVE-2008-5781
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Cfagcms Cfagcms 1.0
2 EDB exploits
NA
CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS prior to 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.
Artica Pandora Fms 3.1
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
1 EDB exploit
NA
CVE-2008-4178
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from thi...
Downline Goldmine New Addon
Downline Goldmine Builder Special Category Addon
Downline Goldmine Builder
Downline Goldmine Builder Unknown
Downline Goldmine New Addon Pro
4 EDB exploits
7.8
CVSSv3
CVE-2018-10063
The Convert Forms extension prior to 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.
Convert Forms Project Convert Forms
1 EDB exploit
NA
CVE-2009-1049
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Kamads Bloginator 1a
2 EDB exploits
NA
CVE-2009-3703
Multiple SQL injection vulnerabilities in the WP-Forum plugin prior to 2.4 for WordPress allow remote malicious users to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an ...
Fahlstad Wp-forum 1.7.4
Fahlstad Wp-forum 2.1
Fahlstad Wp-forum 1.6
Fahlstad Wp-forum 1.5
Fahlstad Wp-forum 1.8
Fahlstad Wp-forum
Fahlstad Wp-forum 1.7.3
Fahlstad Wp-forum 1.7
Fahlstad Wp-forum 1.7.8
Fahlstad Wp-forum 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-9730
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the "r" parameter.
Dfsol Nuevomailer
1 EDB exploit
9.8
CVSSv3
CVE-2018-5977
SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request.
Getaffiligator Affiligator 2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5978
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
Zechat Project Zechat 1.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »