Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to execute arbitrary SQL commands via the CatID parameter.
Itechscripts Itechclassifieds 3.0
2 EDB exploits
9.8
CVSSv3
CVE-2017-17999
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote malicious users to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
Fairsketch Rise Ultimate Project Manager 1.9
1 EDB exploit
NA
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
7.2
CVSSv3
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
8.1
CVSSv3
CVE-2019-11600
A SQL injection vulnerability in the activities API in OpenProject prior to 8.3.2 allows a remote malicious user to execute arbitrary SQL commands via the id parameter. The attack can be performed unauthenticated if OpenProject is configured not to require authentication for API ...
Openproject Openproject
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-18923
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
Abisoftgt Ticketly 1.0
1 EDB exploit
NA
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
9.8
CVSSv3
CVE-2015-3933
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS prior to 0.0.3-patch allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
Metalgenix Genixcms
1 EDB exploit
7.2
CVSSv3
CVE-2017-6088
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or th...
Eyesofnetwork Eyesofnetwork
1 EDB exploit
NA
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »