Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
template injection vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4902
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduc...
Template Cms Project Template Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote malicious users to execute arbitrary SQL commands via the mcatid parameter.
Aspapps Template Creature Nil
1 EDB exploit
5
CVSSv2
CVE-2008-5951
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for workDB/templatemonster.mdb.
Aspapps Template Creature Nil
1 EDB exploit
7.5
CVSSv2
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote malicious users to execute arbitrary SQL commands via the tid parameter.
2daybiz Web Template Software
1 EDB exploit
4.3
CVSSv2
CVE-2010-2509
Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php.
2daybiz Web Template Software
1 EDB exploit
7.5
CVSSv2
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Online Event Registration Template
1 EDB exploit
7.5
CVSSv2
CVE-2010-2254
SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in an article action to index.php.
Shape5 Bridge Of Hope Template
1 EDB exploit
7.5
CVSSv2
CVE-2007-5233
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a readmore action.
Deonixscripts Web Template Management System 1.3
1 EDB exploit
9.8
CVSSv3
CVE-2022-21186
The package @acrontum/filesystem-template prior to 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.
Acrontum Filesystem-template
6.8
CVSSv2
CVE-2007-4111
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Real Estate Listing Website Application Template
1 EDB exploit
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-21298
jenkins project
CVE-2025-23811
server-side request forgery
jenkins bitbucket server integration plugin
CVE-2025-21210
CVE-2025-23882
bypass
muzaara google ads report
wordpress file search
CVE-2025-24397
mass assignment
CVE-2024-12477
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »