Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
7.5
CVSSv2
CVE-2011-4066
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Sir Gnuboard 3.38
Sir Gnuboard 3.37
Sir Gnuboard
Sir Gnuboard 4.31.03
Sir Gnuboard 3.34
Sir Gnuboard 3.33
Sir Gnuboard 3.32
Sir Gnuboard 3.40
Sir Gnuboard 3.39
Sir Gnuboard 3.31
Sir Gnuboard 3.30
Sir Gnuboard 3.36
Sir Gnuboard 3.35
1 EDB exploit
7.5
CVSSv2
CVE-2007-1566
SQL injection vulnerability in News/page.asp in NetVIOS Portal allows remote malicious users to execute arbitrary SQL commands via the NewsID parameter. NOTE: this issue might be the same as CVE-2006-5954.
Netvios Netvios
2 EDB exploits
7.5
CVSSv2
CVE-2017-10682
SQL injection vulnerability in the administrative backend in Piwigo up to and including 2.9.1 allows remote users to execute arbitrary SQL commands via the cat_false or cat_true parameter in the comments or status page to cat_options.php.
Piwigo Piwigo
1 EDB exploit
7.5
CVSSv2
CVE-2005-4500
SQL injection vulnerability in MusicBox 2.3 allows remote malicious users to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, although it was later rediscovered.
Musicbox Musicbox 2.3
2 EDB exploits
7.5
CVSSv2
CVE-2018-8057
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channel_name or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php.
Westernbridgegroup Razor 0.8.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6640
Multiple SQL injection vulnerabilities in BatmanPorTaL allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) uyeadmin.asp and (2) profil.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Aspindir Batmanportal
2 EDB exploits
7.5
CVSSv2
CVE-2008-3954
SQL injection vulnerability in index.php in AlstraSoft Forum Pay Per Post Exchange allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a showcat action.
Alstrasoft Forum Pay Per Post Exchange
2 EDB exploits
4.6
CVSSv2
CVE-2008-4082
SQL injection vulnerability in the Tasks plugin in Brim 2.0.0, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via an arbitrary field in a search action to index.php.
Brim-project Brim 2.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2018-5988
SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.
Flexible Poll Project Flexible Poll 1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »