Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-4634
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....
Cacti
7.5
CVSSv2
CVE-2007-6035
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter....
Cacti
7.5
CVSSv2
CVE-2005-3336
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors....
Mantis
5
CVSSv2
CVE-2005-3338
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users....
Mantis
7.5
CVSSv2
CVE-2005-3335
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter....
Mantis
7.2
CVSSv2
CVE-2005-3339
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors....
Mantis
4
CVSSv2
CVE-2018-14623
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072....
Theforeman
Katello
7.5
CVSSv2
CVE-2016-4999
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set...
Dashbuilder Project
Dashbuilder
Redhat
Jboss Bpm Suite
Jboss Enterprise Brms Platform
10
CVSSv2
CVE-2003-0500
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name....
Proftpd Project
Proftpd
1 EDB exploit available
7.5
CVSSv2
CVE-2005-3419
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized....
Phpbb Group
Phpbb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
maximo asset management
CVE-2020-6291
disclosure management
CVE-2020-15105
CVE-2020-4511
application delivery controller firmware
qradar security information and event manager
CVE-2020-10045
CVE-2020-8196
client side
insecure direct object reference
wireless
CVE-2020-5902
« PREV
1
2
3
4
5
6
7
NEXT »
Vulmon