Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blind sql injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3502
SQL injection vulnerability in music.php in BPowerHouse BPMusic 1.0 allows remote malicious users to execute arbitrary SQL commands via the music_id parameter.
Bpowerhouse Bpmusic 1.0
1 EDB exploit
NA
CVE-2009-3503
Multiple SQL injection vulnerabilities in search.aspx in BPowerHouse BPHolidayLettings 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) rid and (2) tid parameters.
Bpowerhouse Bpholidaylettings 1.0
1 EDB exploit
NA
CVE-2009-4229
Multiple SQL injection vulnerabilities in ActiveWebSoftwares Active Bids allow remote malicious users to execute arbitrary SQL commands via (1) the catid parameter in the PATH_INFO to the default URI or (2) the catid parameter to default.asp. NOTE: this might overlap CVE-2009-042...
Activewebsoftwares Active Bids
1 EDB exploit
NA
CVE-2009-4351
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the Email (aka username) parameter.
Wscreator Wscreator 1.1
1 EDB exploit
NA
CVE-2008-2770
SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter.
Mycrocms Mycrocms 0.5
1 EDB exploit
NA
CVE-2008-2815
SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mymarket Mymarket 1.72
1 EDB exploit
NA
CVE-2007-6623
Absolute path traversal vulnerability in ZeusCMS 0.3 and previous versions might allow remote malicious users to list arbitrary directories via a full pathname in the dir parameter.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2010-4143
SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpcheckz Phpcheckz 1.1.0
1 EDB exploit
NA
CVE-2009-1742
code.php in PC4Arb Pc4 Uploader 9.0 and previous versions makes it easier for remote malicious users to conduct SQL injection attacks via crafted keyword sequences that are removed from a filter in the id parameter in a banner action, as demonstrated via the "UNIunionON"...
Pc4arb Pc4 Uploader
1 EDB exploit
NA
CVE-2008-6303
SQL injection vulnerability in tourview.php in ToursManager allows remote malicious users to execute arbitrary SQL commands via the tourid parameter.
Toursmanager Tours Manager -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »