Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5781
SQL injection vulnerability in right.php in Cant Find A Gaming CMS (CFAGCMS) 1.0 Beta 1 allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Cfagcms Cfagcms 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-1740
SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote malicious users to execute arbitrary SQL commands via the lng parameter.
Freeguppy Guppy 4.5.18
1 EDB exploit
9
CVSSv2
CVE-2010-4278
operation/agentes/networkmap.php in Pandora FMS prior to 3.1.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the layout parameter in an operation/agentes/networkmap action to index.php.
Artica Pandora Fms 3.1
Artica Pandora Fms 3.0
Artica Pandora Fms 2.0
Artica Pandora Fms 2.1.1
Artica Pandora Fms 1.3.1
Artica Pandora Fms 1.3
Artica Pandora Fms 2.1
Artica Pandora Fms 1.2
Artica Pandora Fms
1 EDB exploit
7.5
CVSSv2
CVE-2008-4178
SQL injection vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from thi...
Downline Goldmine New Addon
Downline Goldmine Builder Special Category Addon
Downline Goldmine Builder
Downline Goldmine Builder Unknown
Downline Goldmine New Addon Pro
4 EDB exploits
7.5
CVSSv2
CVE-2009-3703
Multiple SQL injection vulnerabilities in the WP-Forum plugin prior to 2.4 for WordPress allow remote malicious users to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an ...
Fahlstad Wp-forum 1.7.4
Fahlstad Wp-forum 2.1
Fahlstad Wp-forum 1.6
Fahlstad Wp-forum 1.5
Fahlstad Wp-forum 1.8
Fahlstad Wp-forum
Fahlstad Wp-forum 1.7.3
Fahlstad Wp-forum 1.7
Fahlstad Wp-forum 1.7.8
Fahlstad Wp-forum 2.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-10063
The Convert Forms extension prior to 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.
Convert Forms Project Convert Forms
1 EDB exploit
7.5
CVSSv2
CVE-2009-1049
SQL injection vulnerability in articleCall.php in Bloginator 1A allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Kamads Bloginator 1a
2 EDB exploits
7.5
CVSSv2
CVE-2017-6089
SQL injection vulnerability in PhpCollab 2.5.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to ...
Phpcollab Phpcollab
1 EDB exploit
6.5
CVSSv2
CVE-2013-2559
SQL injection vulnerability in Symphony CMS prior to 2.3.2 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter to system/authors/. NOTE: this can be leveraged using CSRF to allow remote unauthenticated malicious users to execute arbitrary SQ...
Getsymphony Symphony 2.0.4
Getsymphony Symphony 2.0.5
Getsymphony Symphony 2.0.6
Getsymphony Symphony 2.0.7
Getsymphony Symphony 2.0
Getsymphony Symphony 2.0.3
Getsymphony Symphony
Getsymphony Symphony 2.3
Getsymphony Symphony 2.1.0
Getsymphony Symphony 2.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-2179
SQL injection vulnerability in search.php in phpDatingClub 3.7 allows remote malicious users to execute arbitrary SQL commands via the sform[day] parameter.
W2b Phpdatingclub 3.7
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »