Vulmon
Blind SQL injection vulnerabilities and exploits
NA
CVE-2013-3721
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote malicious users to execute arbitrary SQL commands via the d parameter.
Psychostats Psychostats 3.2.2b
1 EDB exploit
NA
CVE-2009-0963
Multiple SQL injection vulnerabilities in PHPRunner 4.2, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the SearchField parameter to (1) UserView_list.php, (2) orders_list.php, (3) users_list.php, and (4) Administrator_list.php.
Xlinesoft Phprunner
Xlinesoft Phprunner 3.1
1 EDB exploit
7.5
CVSSv3
CVE-2009-0964
UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the database, which allows malicious users to gain privileges. NOTE: this can be leveraged with a separate SQL injection vulnerability to obtain passwords remotely without authentication.
Xlinesoft Phprunner
1 EDB exploit
NA
CVE-2009-3336
SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote malicious users to execute arbitrary SQL commands via the auction_id parameter.
Phpprobid Php Pro Bid
1 EDB exploit
NA
CVE-2008-6475
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.
Drake Team Drake Cms
Drake Team Drake Cms 0.2
1 EDB exploit
NA
CVE-2008-6632
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT']).
Mercuryboard Mercuryboard 1.1
Mercuryboard Mercuryboard
Mercuryboard Mercuryboard 1.1.1
Mercuryboard Mercuryboard 1.0
Mercuryboard Mercuryboard 1.1.2
1 EDB exploit
NA
CVE-2008-1316
SQL injection vulnerability in qtf_ind_search_ov.php in QT-cute QuickTalk Forum 1.6 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Qt-cute Quicktalk Forum 1.3
Qt-cute Quicktalk Forum
Qt-cute Quicktalk Forum 1.4
Qt-cute Quicktalk Forum 1.5.0.3
1 EDB exploit
NA
CVE-2011-1055
SQL injection vulnerability in api/ice_media.cfc in Lingxia I.C.E CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the session.user_id parameter to media.cfm.
Lingxia273 Lingxia I.c.e Cms 1.0
1 EDB exploit
NA
CVE-2008-6778
SQL injection vulnerability in viewfaqs.php in Scripts for Sites (SFS) EZ Auction allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Scripts-for-sites Ez Auction
1 EDB exploit
NA
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user.
Jeremy Powers Lizardware Cms 0.6.0
Jeremy Powers Lizardware Cms
1 EDB exploit