Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6839
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
Instantsoft Instantcms
1 EDB exploit
NA
CVE-2008-0685
SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to execute arbitrary SQL commands via the CatID parameter.
Itechscripts Itechclassifieds 3.0
2 EDB exploits
NA
CVE-2014-9215
SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 prior to 20141128 allows remote malicious users to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the fo...
Pbboard Pbboard
1 EDB exploit
NA
CVE-2009-3804
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the...
Runcms Runcms 2m1
2 EDB exploits
NA
CVE-2014-2081
Multiple SQL injection vulnerabilities in the login in web_reports/cgi-bin/InfoStation.cgi in Innovative vtls-Virtua prior to 2013.2.4 and 2014.x prior to 2014.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter.
Iii Vtls-virtua 2014.1.0
Iii Vtls-virtua 2013.2.3
1 EDB exploit
9.8
CVSSv3
CVE-2018-7538
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform prior to 9.18 allows malicious users to execute arbitrary SQL commands.
Enalean Tuleap
1 EDB exploit
NA
CVE-2013-6058
SQL injection vulnerability in appRain CMF 3.0.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to blog-by-cat/.
Apprain Apprain 0.2.1.1
Apprain Apprain 0.1.5
Apprain Apprain 0.1.4
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain
Apprain Apprain 3.0.1
Apprain Apprain 0.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2015-3933
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS prior to 0.0.3-patch allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.
Metalgenix Genixcms
1 EDB exploit
9.8
CVSSv3
CVE-2017-17999
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote malicious users to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
Fairsketch Rise Ultimate Project Manager 1.9
1 EDB exploit
NA
CVE-2014-4194
SQL injection vulnerability in zero_transact_article.php in ZeroCMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the article_id parameter in a Submit Comment action.
Aas9 Zerocms 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »