Vulmon
sql injection vulnerabilities and exploits
9.8
CVSSv3
CVE-2017-6089
SQL injection vulnerability in PhpCollab 2.5.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to ...
Phpcollab Phpcollab
1 EDB exploit
NA
CVE-2012-1673
SQL injection vulnerability in loginscript.php in e-ticketing allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Ola Lasisi E-ticketing -
1 EDB exploit
9.8
CVSSv3
CVE-2017-7997
Multiple SQL injection vulnerabilities in Gespage prior to 7.4.9 allow remote malicious users to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
Gespage Gespage
1 EDB exploit
NA
CVE-2013-4789
SQL injection vulnerability in modules/rss/rss.php in Cotonti prior to 0.9.14 allows remote malicious users to execute arbitrary SQL commands via the "c" parameter to index.php.
Cotonti Cotonti Siena 0.9.7
Cotonti Cotonti Siena 0.9.8
Cotonti Cotonti Siena 0.9.9
Cotonti Cotonti Siena 0.9.0
Cotonti Cotonti Siena 0.9.10
Cotonti Cotonti Siena 0.9.3
Cotonti Cotonti Siena 0.9.5
Cotonti Cotonti Siena 0.9.11
Cotonti Cotonti Siena 0.9.12
Cotonti Cotonti Siena
Cotonti Cotonti Siena 0.9.2
Cotonti Cotonti Siena 0.9.1
Cotonti Cotonti Siena 0.9.4
Cotonti Cotonti Siena 0.9.6
1 EDB exploit
9.8
CVSSv3
CVE-2017-15977
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
Protectedlinks Expiring Download Links 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2014-9558
Multiple SQL injection vulnerabilities in SmartCMS v.2.
Smartcms Smartcms 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-17970
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_ra...
Muvikoscript Muviko 1.1
1 EDB exploit
NA
CVE-2009-3661
Multiple SQL injection vulnerabilities in the DJ-Catalog (com_djcatalog) component for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a showItem action and (2) cid parameter in a show action to index.php.
Blueconstantmedia Com Djcatalog
1 EDB exploit
NA
CVE-2015-1517
SQL injection vulnerability in Piwigo prior to 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.
Piwigo Piwigo
1 EDB exploit
9.8
CVSSv3
CVE-2017-9730
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the "r" parameter.
Dfsol Nuevomailer
1 EDB exploit