Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
template injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4902
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduct static PHP...
Template Cms Project Template Cms
1 EDB exploit available
NA
CVE-2007-4108
SQL injection vulnerability in sign_in.aspx in WebEvents (Online Event Registration Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Online Event Registration Template
NA
CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote attackers to execute arbitrary SQL commands via the mcatid parameter....
Aspapps Template Creature Nil
1 EDB exploit available
NA
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attackers to execute arbitrary SQL commands via the tid parameter....
2daybiz Web Template Software
1 EDB exploit available
NA
CVE-2005-3798
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field....
Alstrasoft Template Seller 3.25
NA
CVE-2007-5704
Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp....
Codewidgets Online Event Registration Template
NA
CVE-2007-5233
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a readmore action....
Deonixscripts Web Template Management System 1.3
1 EDB exploit available
NA
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Online Event Registration Template
1 EDB exploit available
7.8
CVSSv3
CVE-2021-37694
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no...
Asyncapi Java-spring-cloud-stream-template
1 Github repository available
NA
CVE-2007-4111
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter....
Codewidgets Real Estate Listing Website Application Template
1 EDB exploit available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-34595
CVE-2022-23713
CVE-2022-21786
hard-coded
remote attackers
cross-site request forgery
CVE-2022-2274
CVE-2021-37839
CVE-2022-26135
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »