Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
775
VMScore
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
765
VMScore
CVE-2005-3682
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote malicious users to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
Wizz Forum Wizz Forum 1.20
3 EDB exploits
765
VMScore
CVE-2008-5191
Multiple SQL injection vulnerabilities in SePortal 2.4 allow remote malicious users to execute arbitrary SQL commands via the (1) poll_id parameter to poll.php and the (2) sp_id parameter to staticpages.php.
Seportal Seportal 2.4
3 EDB exploits
765
VMScore
CVE-2005-4228
Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) im...
Phpwebgallery Phpwebgallery 1.0
Phpwebgallery Phpwebgallery 1.5.0
Phpwebgallery Phpwebgallery 1.6.0
Phpwebgallery Phpwebgallery 1.7.0
Phpwebgallery Phpwebgallery 1.1
Phpwebgallery Phpwebgallery 1.3.1
Phpwebgallery Phpwebgallery
Phpwebgallery Phpwebgallery 1.6.1
Phpwebgallery Phpwebgallery 1.7.1
Phpwebgallery Phpwebgallery 1.6
Phpwebgallery Phpwebgallery 1.5.2
Phpwebgallery Phpwebgallery 1.3.2
Phpwebgallery Phpwebgallery 1.3.0
Phpwebgallery Phpwebgallery 1.3.4
Phpwebgallery Phpwebgallery 1.3.3
Phpwebgallery Phpwebgallery 1.2.1
Phpwebgallery Phpwebgallery 1.4.0
Phpwebgallery Phpwebgallery 1.6.2
Phpwebgallery Phpwebgallery 1.5.1
Phpwebgallery Phpwebgallery 1.4.1
3 EDB exploits
765
VMScore
CVE-2005-4259
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote malicious users to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenance of this issue is unkno...
Aspbb Aspbb 0.4
3 EDB exploits
765
VMScore
CVE-2008-4895
SQL injection vulnerability in tr.php in YourFreeWorld Downline Builder allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Downline Builder Script
3 EDB exploits
515
VMScore
CVE-2006-1372
Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm.
Benson It Solutions 1webcalendar
3 EDB exploits
655
VMScore
CVE-2014-1459
SQL injection vulnerability in dg-admin/index.php in doorGets CMS 5.2 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the _position_down_id parameter. NOTE: this can be leveraged using CSRF to allow remote malicious users to ...
Doorgets Doorgets Cms 3.0
Doorgets Doorgets Cms
Doorgets Doorgets Cms 4.0
1 EDB exploit
NA
CVE-2023-0329
The Elementor Website Builder WordPress plugin prior to 3.12.2 does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role.
Elementor Website Builder
760
VMScore
CVE-2005-4141
Multiple SQL injection vulnerabilities in ASPMForum allow remote malicious users to execute arbitrary SQL commands via the (1) harf parameter in kullanicilistesi.asp and (2) baslik parameter in forum.asp.
Aspmforum Aspmforum
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
8
9
10
NEXT »