Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-7120
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and earlier allows remote attackers to execute arbitrary SQL commands via the news.php parameter....
Mrcgiguy Hot Links Sql-php
1 EDB exploit available
6.5
CVSSv2
CVE-2020-9318
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15....
Red-gate Sql Monitor
7.5
CVSSv2
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."...
Microsoft Sql Server 2000
1 EDB exploit available
7.5
CVSSv2
CVE-2002-0645
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands....
Microsoft Data Engine 2000
Microsoft Sql Server 2000
7.5
CVSSv2
CVE-2008-4378
SQL injection vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter....
Mr. Cgi Guy Hot Links Sql Php
1 EDB exploit available
7.5
CVSSv2
CVE-2006-6354
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976....
Duware Duamazon 3.0
Duware Duamazon 3.1
Duware Duarticle 1.0
Duware Duarticle 1.1
Duware Duclassified 4.0
Duware Duclassified 4.1
Duware Duclassified 4.2
Duware Dudirectory 3.0
Duware Dudirectory 3.1
Duware Dudirectory Pro 3.0
Duware Dudirectory Pro 3.1
Duware Dudirectory Pro Sql 3.0
Duware Dudirectory Pro Sql 3.1
Duware Dudownload 1.0
Duware Dudownload 1.1
Duware Dugallery 3.0
Duware Dugallery 3.1
Duware Dugallery 3.2
Duware Dugallery 3.3
Duware Dunews 1.0
Duware Dunews 1.1
Duware Dupaypal 3.0
Duware Dupaypal 3.1
Duware Dupaypal Pro 3.0
Duware Dupaypal Pro 3.1
7.5
CVSSv2
CVE-2005-3976
SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 SQL, (5) DUdownload 1.1, (6) DUgallery 3.3, (7) DUnews 1.1, and (8) DUpaypal 3.1...
Duware Duamazon 3.1
Duware Duarticle 1.1
Duware Duclassified 4.2
Duware Dudirectory 3.1
Duware Dudirectory Pro 3.0
Duware Dudirectory Pro Sql 3.0
Duware Dudownload 1.1
Duware Dugallery 3.3
Duware Dunews 1.1
Duware Dupaypal 3.1
Duware Dupaypal Pro 3.0
6.8
CVSSv2
CVE-2019-7548
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled....
Sqlalchemy Sqlalchemy 1.2.17
Debian Debian Linux 8.0
6.5
CVSSv2
CVE-2014-7814
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter....
Redhat Cloudforms 3.1 Management Engine 5.3
7.5
CVSSv2
CVE-2013-4386
Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup parameter....
Redhat Openstack 3.0
Theforeman Foreman 1.2.0
Theforeman Foreman 1.2.1
Theforeman Foreman
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-2109
NULL pointer dereference
CVE-2021-1300
local users
CVE-2021-1250
CVE-2020-6207
dos
CVE-2021-1249
CVE-2020-11214
« PREV
1
2
3
4
5
6
7
NEXT »