Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
template injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4902
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) create an administrator user via an add action to admin/index.php or (2) conduc...
Template Cms Project Template Cms
1 EDB exploit
NA
CVE-2008-5950
SQL injection vulnerability in media/media_level.asp in ASP Template Creature allows remote malicious users to execute arbitrary SQL commands via the mcatid parameter.
Aspapps Template Creature Nil
1 EDB exploit
NA
CVE-2008-5951
ASP Template Creature stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for workDB/templatemonster.mdb.
Aspapps Template Creature Nil
1 EDB exploit
NA
CVE-2010-2510
SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote malicious users to execute arbitrary SQL commands via the tid parameter.
2daybiz Web Template Software
1 EDB exploit
NA
CVE-2010-2509
Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php.
2daybiz Web Template Software
1 EDB exploit
NA
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Online Event Registration Template
1 EDB exploit
NA
CVE-2007-5233
SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a readmore action.
Deonixscripts Web Template Management System 1.3
1 EDB exploit
9.8
CVSSv3
CVE-2022-21186
The package @acrontum/filesystem-template prior to 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.
Acrontum Filesystem-template
NA
CVE-2005-3798
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote malicious users to execute arbitrary SQL commands via the username field.
Alstrasoft Template Seller 3.25
NA
CVE-2007-4111
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Real Estate Listing Website Application Template
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »