Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
sql injection vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-2544
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter....
Cacti
1 EDB exploit available
4.3
CVSSv2
CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to...
Cacti
6.5
CVSSv2
CVE-2010-1645
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph...
Cacti
4.3
CVSSv2
CVE-2010-1644
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to...
Cacti
4.3
CVSSv2
CVE-2010-2543
Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for...
Cacti
1 EDB exploit available
7.5
CVSSv2
CVE-2010-0400
SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username....
Mahara
7.5
CVSSv2
CVE-2015-4342
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id....
Cacti
Fedoraproject
Fedora
4.3
CVSSv2
CVE-2015-6658
Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files....
Drupal
6.8
CVSSv2
CVE-2015-6660
The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value callbacks."...
Drupal
5
CVSSv2
CVE-2015-6661
Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu....
Drupal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-0674
arbitrary
CVE-2018-21060
CVE-2020-1624
CVE-2020-1991
local file inclusion
CVE-2020-10621
wireless
CVE-2020-6819
google
android
« PREV
1
2
3
4
5
6
7
8
9
NEXT »
Vulmon