Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

template injection vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2012-4902
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduct static PHP...
Template Cms Project Template Cms
NA
CVE-2007-4108
SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Online Event Registration Template
NA
CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter....
Aspapps Template Creature Nil
NA
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter....
2daybiz Web Template Software
NA
CVE-2005-3798
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field....
Alstrasoft Template Seller 3.25
NA
CVE-2007-5704
Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp....
Codewidgets Online Event Registration Template
NA
CVE-2007-5233
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action....
Deonixscripts Web Template Management System 1.3
NA
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Online Event Registration Template
7.8
CVSSv3
CVE-2021-37694
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no...
Asyncapi Java-spring-cloud-stream-template
NA
CVE-2007-4111
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Real Estate Listing Website Application Template
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-34595CVE-2022-23713CVE-2022-21786hard-codedremote attackerscross-site request forgeryCVE-2022-2274CVE-2021-37839CVE-2022-26135
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook