Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-1644
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to...
Cacti
6.5
CVSSv2
CVE-2010-1645
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph...
Cacti
4.3
CVSSv2
CVE-2010-2543
Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for...
Cacti
1 EDB exploit available
4.3
CVSSv2
CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to...
Cacti
7.5
CVSSv2
CVE-2011-4824
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter....
Cacti
4.3
CVSSv2
CVE-2010-2544
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter....
Cacti
1 EDB exploit available
7.5
CVSSv2
CVE-2005-1525
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter....
The Cacti Group
Cacti
4.3
CVSSv2
CVE-2015-6658
Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files....
Drupal
6.8
CVSSv2
CVE-2015-6660
The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."...
Drupal
5
CVSSv2
CVE-2015-6661
Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu....
Drupal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
maximo asset management
CVE-2020-6291
disclosure management
CVE-2020-15105
CVE-2020-4511
application delivery controller firmware
qradar security information and event manager
CVE-2020-10045
CVE-2020-8196
client side
insecure direct object reference
wireless
CVE-2020-5902
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon