sql injection vulnerabilities and exploits
NA
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
NA
CVE-2014-3749
SQL injection vulnerability in Construtiva CIS Manager allows remote malicious users to execute arbitrary SQL commands via the email parameter to autenticar/lembrarlogin.asp.
Construtiva Cis Manager Cms -
1 EDB exploit
NA
CVE-2011-0645
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote malicious users to execute arbitrary SQL commands via the where_time parameter in a get action.
Phpcms Phpcms 2008 2
2 EDB exploits
NA
CVE-2006-2046
Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (...
Application Dynamics Cartweaver Coldfusion
2 EDB exploits
NA
CVE-2015-1467
Multiple SQL injection vulnerabilities in Translations in Fork CMS prior to 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index.
Fork-cms Fork Cms
1 EDB exploit
NA
CVE-2015-1518
SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript prior to 2.3.0 allows remote malicious users to execute arbitrary SQL commands via the search_terms parameter.
Redaxscript Redaxscript
1 EDB exploit
NA
CVE-2006-1422
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and previous versions allows remote malicious users to execute arbitrary SQL commands via the event_id parameter.
Jjwwebdesign Phpbookingcalendar
2 EDB exploits
NA
CVE-2011-4066
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Sir Gnuboard 3.38
Sir Gnuboard 3.37
Sir Gnuboard
Sir Gnuboard 4.31.03
Sir Gnuboard 3.34
Sir Gnuboard 3.33
Sir Gnuboard 3.32
Sir Gnuboard 3.40
Sir Gnuboard 3.39
Sir Gnuboard 3.31
Sir Gnuboard 3.30
Sir Gnuboard 3.36
Sir Gnuboard 3.35
1 EDB exploit
9.8
CVSSv3
CVE-2018-5988
SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.
Flexible Poll Project Flexible Poll 1.2
1 EDB exploit
9.8
CVSSv3
CVE-2019-12279
Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form). NOTE: The vendor disputes this issue as not being a vulnerability because the issue does not seem to be a legitimate SQL Injection. The POC does not show any va...
Nagios Nagios Xi 5.6.1
1 EDB exploit