Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql
Geek247 Pigmy-sql 1.4
1 EDB exploit
NA
CVE-2014-9254
bb_func_unsub.php in MiniBB 3.1 prior to 20141127 uses an incorrect regular expression, which allows remote malicious users to conduct SQl injection attacks via the code parameter in an unsubscribe action to index.php.
Minibb Minibb
1 EDB exploit
NA
CVE-2012-3350
SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Valarsoft Webmatic 3.1.1
1 EDB exploit
NA
CVE-2013-5697
SQL injection vulnerability in mod_accounting.c in the mod_accounting module 0.5 and previous versions for Apache allows remote malicious users to execute arbitrary SQL commands via a Host header.
Simone Tellini Mod Accounting
1 EDB exploit
NA
CVE-2008-5864
SQL injection vulnerability in the Top Hotel (com_tophotelmodule) component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showhoteldetails action to index.php.
Joomlahbs Com Tophotelmodule 1.0.0
Joomlahbs Hotel Booking Reservation System 1.0.0
4 EDB exploits
NA
CVE-2008-5865
SQL injection vulnerability in the com_hbssearch component 1.0 in the Hotel Booking Reservation System (aka HBS) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the r_type parameter in a showhoteldetails action to index.php.
Joomlahbs Hotel Booking Reservation System 1.0.0
4 EDB exploits
NA
CVE-2013-5917
SQL injection vulnerability in wp-comments-post.php in the NOSpam PTI plugin 2.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the comment_post_ID parameter.
Rodrigo Coimbra Nospam Pti 2.1
1 EDB exploit
NA
CVE-2012-1002
SQL injection vulnerability in author/edit.php in OpenConf 4.x prior to 4.12 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Zakongroup Openconf 4.00
Zakongroup Openconf 4.01
Zakongroup Openconf 4.02
Zakongroup Openconf 4.10
Zakongroup Openconf 4.11
1 EDB exploit
NA
CVE-2014-3857
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) prior to 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Kerio Control
Kerio Control 8.3.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-5344
An issue exists in dotCMS up to and including 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a ne...
Dotcms Dotcms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-12326
CVE-2024-44852
XSS
privilege escalation
CSRF
CVE-2024-12115
CVE-2024-38925
CVE-2024-38144
CVE-2024-6387
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »