漏洞分类 - SQL 注入 - SQL injection - 知道创宇 Seebug 漏洞平台

漏洞分类 — SQL 注入

英文名字: SQL injection

漏洞详情：: SQL 注入，就是通过把SQL命令插入到Web表单提交或输入域名或页面请求的查询字符串，最终达到欺骗服务器执行恶意的SQL命令。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-16927	2007-03-25		Asterisk <= 1.2.16 / 1.4.1 SIP INVITE Remote Denial of Service Exploit		723 \| 0
SSV-6462	2007-03-24		PortailPhp 2.0 (idnews) Remote SQL Injection Exploit		831 \| 0
SSV-1534	2007-03-24		Active Linke Engine Default.ASP SQL注入漏洞		509 \| 0
SSV-6461	2007-03-24		Active Newsletter <= 4.3 (ViewNewspapers.asp) SQL Injection Exploit		767 \| 0
SSV-6464	2007-03-24		Active Auction Pro 7.1 (default.asp catid) SQL Injection Vulnerability		729 \| 0
SSV-6465	2007-03-24		ActiveBuyandSell 6.2 (buyersend.asp catid) SQL Injection Vulnerability		755 \| 0
SSV-6468	2007-03-24		aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection Vulnerability		688 \| 0
SSV-1532	2007-03-24		Web Wiz Forums字符串过滤SQL注入漏洞		596 \| 0
SSV-16925	2007-03-24		Joomla Component Car Manager <= 1.1 Remote SQL Injection Exploit		827 \| 0
SSV-6466	2007-03-24		Active Trade v 2 (default.asp catid) Remote SQL Injection Vulnerability		780 \| 0
SSV-16926	2007-03-24		Joomla Component RWCards <= 2.4.3 Remote SQL Injection Exploit		858 \| 0
SSV-1543	2007-03-24		PHP-Revista SQL注入漏洞		645 \| 0
SSV-6458	2007-03-24		eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit		757 \| 0
SSV-16923	2007-03-23		Active Newsletter <= 4.3 (ViewNewspapers.asp) SQL Injection Exploit		709 \| 0
SSV-16924	2007-03-23		eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit		781 \| 0
SSV-6447	2007-03-22		Active Link Engine (default.asp catid) Remote SQL Injection Vulnerability		701 \| 0
SSV-16920	2007-03-22		PortailPhp 2.0 (idnews) Remote SQL Injection Exploit		663 \| 0
SSV-6449	2007-03-22		php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities		743 \| 0
SSV-6448	2007-03-22		Active Photo Gallery (default.asp catid) SQL Injection Vulnerability		700 \| 0
SSV-6432	2007-03-21		phpBB Minerva Mod <= 2.0.21 build 238a SQL Injection Vulnerability		1353 \| 0
SSV-6429	2007-03-21		ScriptMagix Lyrics <= 2.0 (index.php recid) SQL Injection Exploit		711 \| 0
SSV-1520	2007-03-21		ScriptMagix Photo Rating ViewComments.PHP SQL注入漏洞		502 \| 0
SSV-1512	2007-03-21		Katalog Plyt Audio Index.PHP SQL注入漏洞		503 \| 0
SSV-1516	2007-03-21		Net Portal Dynamic System Print.PHP SQL注入漏洞		510 \| 0
SSV-16919	2007-03-21		php-revista <= 1.1.2 Multiple Remote SQL Injection Vulnerabilities		751 \| 0
SSV-1513	2007-03-21		LedgerSMB/SQL-Ledger login本地文件包含和验证绕过漏洞		552 \| 0
SSV-6433	2007-03-21		NetVios Portal (page.asp) Remote SQL Injection Vulnerability		1996 \| 0
SSV-1515	2007-03-21		Minerva Forum.PHP SQL注入漏洞		496 \| 0
SSV-6418	2007-03-19		ScriptMagix Jokes <= 2.0 (index.php catid) Remote SQL Injection Exploit		688 \| 0
SSV-1504	2007-03-19		Particle Blogger Post.PHP SQL注入漏洞		625 \| 0
SSV-6420	2007-03-19		ScriptMagix Photo Rating <= 2.0 Remote SQL Injection Exploit		673 \| 0
SSV-6419	2007-03-19		ScriptMagix Recipes <= 2.0 (index.php catid) SQL Injection Exploit		778 \| 0
SSV-1505	2007-03-19		PHPStats SQL注入漏洞		577 \| 0
SSV-6423	2007-03-19		ScriptMagix Lyrics <= 2.0 (index.php recid) SQL Injection Exploit		690 \| 0
SSV-6416	2007-03-19		ScriptMagix FAQ Builder <= 2.0 (index.php) Remote SQL Injection Exploit		692 \| 0
SSV-6422	2007-03-19		Katalog Plyt Audio (pl) <= 1.0 Remote SQL Injection Exploit		698 \| 0
SSV-6410	2007-03-17		Creative Files 1.2 (kommentare.php) Remote SQL Injection Vulnerability		698 \| 0
SSV-6412	2007-03-17		Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit		774 \| 0
SSV-1497	2007-03-17		Woltlab Burning Board UserGroups.PHP SQL注入漏洞		1407 \| 0
SSV-6411	2007-03-17		Php-Stats <= 0.1.9.1b (ip) Remote SQL Injection Exploit		794 \| 0
SSV-6409	2007-03-17		Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit		711 \| 0
SSV-6402	2007-03-16		WBBlog (XSS/SQL) Multiple Remote Vulnerabilities		1443 \| 0
SSV-16913	2007-03-16		Php-Stats <= 0.1.9.1b (PC-REMOTE-ADDR) SQL Injection Exploit		674 \| 0
SSV-6403	2007-03-16		Creative Guestbook 1.0 Multiple Remote Vulnerabilities		849 \| 0
SSV-16912	2007-03-15		Absolute Image Gallery 2.0 (gallery.php categoryid) SQL Injection Vuln		718 \| 0
SSV-16910	2007-03-15		Woltlab Burning Board 2.x (usergroups.php) Remote SQL Injection Exploit		849 \| 0
SSV-16905	2007-03-14		WSN Guest 1.21 (comments.php id) Remote SQL Injection Exploit		771 \| 0
SSV-6384	2007-03-14		BP Blog 7.0 (default.asp layout) Remote SQL Injection Vulnerability		749 \| 0
SSV-6381	2007-03-14		X-ice News System 1.0 (devami.asp id) SQL Injection Vulnerability		708 \| 0
SSV-6388	2007-03-14		Discuz! pm.php注入EXP		1411 \| 0
SSV-6380	2007-03-14		MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability		1622 \| 0
SSV-6382	2007-03-14		JGBBS 3.0beta1 (search.asp author) SQL Injection Exploit		711 \| 0
SSV-1470	2007-03-13		PHP ext/filter FDF Post数据过滤绕过漏洞		865 \| 0
SSV-16902	2007-03-13		MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability		716 \| 0
SSV-1468	2007-03-13		MySQL单行子选择远程拒绝服务漏洞		1280 \| 0
SSV-6367	2007-03-12		NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit		1484 \| 0
SSV-6360	2007-03-12		JobSitePro 1.0 (search.php) Remote SQL Injection Exploit		721 \| 0
SSV-6366	2007-03-12		HC Newssystem 1.0-1.4 (index.php ID) Remote SQL Injection Vulnerability		746 \| 0
SSV-6362	2007-03-12		SonicMailer Pro <= 3.2.3 (index.php) Remote SQL Injection Exploit		760 \| 0
SSV-6361	2007-03-12		Top Auction 1.0 (viewcat.php) Remote SQL Injection Exploit		767 \| 0
SSV-16899	2007-03-11		AssetMan <= 2.4a (download_pdf.php) Remote File Disclosure Vuln		685 \| 0
SSV-16898	2007-03-11		SonicMailer Pro <= 3.2.3 (index.php) Remote SQL Injection Exploit		770 \| 0
SSV-16900	2007-03-11		cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities		687 \| 0
SSV-16896	2007-03-10		NukeSentinel <= 2.5.06 (mysql >= 4.0.24) Remote SQL Injection Exploit		784 \| 0
SSV-6350	2007-03-10		Grayscale Blog 0.8.0 (Security Bypass/SQL/XSS) Multiple Remote Vulns		759 \| 0
SSV-6347	2007-03-09		GaziYapBoz Game Portal (kategori.asp) Remote SQL Injection Vuln		738 \| 0
SSV-6334	2007-03-08		PHP <= 4.4.6 mssql_[p]connect() Local Buffer Overflow Exploit		980 \| 0
SSV-6310	2007-03-06		Links Management Application 1.0 (lcnt) Remote SQL Injection Exploit		775 \| 0
SSV-6298	2007-03-05		AJ Forum 1.0 (topic_title.php) Remote SQL Injection Exploit		758 \| 0
SSV-6292	2007-03-05		Rigter Portal System (RPS) 6.2 Remote Blind SQL Injection Exploit		674 \| 0
SSV-6296	2007-03-05		AJDating 1.0 (view_profile.php) Remote SQL Injection Exploit		770 \| 0
SSV-6302	2007-03-05		webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit		1417 \| 0
SSV-6294	2007-03-05		News-Letterman 1.1 (eintrag.php sqllog) Remote File Include Exploit		740 \| 0
SSV-14200	2007-03-05		PHP <= 4.4.6 mssql_[p]connect() Local Buffer Overflow Exploit		917 \| 0
SSV-6295	2007-03-05		AJ Auction Pro All Versions (subcat.php) Remote SQL Injection Exploit		748 \| 0
SSV-6297	2007-03-05		AJ Classifieds 1.0 (postingdetails.php) Remote SQL Injection Exploit		698 \| 0
SSV-16884	2007-03-04		PHP < 4.4.5 / 5.2.1 WDDX Session Deserialization Information Leak		761 \| 0
SSV-6291	2007-03-04		Oracle 9i/10g DBMS_EXPORT_EXTENSION SQL Injection Exploit v2		1442 \| 0
SSV-16882	2007-03-04		RRDBrowse <= 1.6 Remote Arbitrary File Disclosure Vulnerability		768 \| 0
SSV-16881	2007-03-04		AJ Dating 1.0 (view_profile.php) Remote SQL Injection Exploit		689 \| 0
SSV-16883	2007-03-04		PHP < 4.4.5 / 5.2.1 php_binary Session Deserialization Information Leak		773 \| 0
SSV-6283	2007-03-02		phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit		1466 \| 0
SSV-6282	2007-03-02		Angel LMS 7.1 (default.asp id) Remote SQL Injection Vulnerability		799 \| 0
SSV-6271	2007-03-01		Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit		1443 \| 0
SSV-6270	2007-03-01		Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit		1305 \| 0
SSV-6259	2007-03-01		vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit		1680 \| 0
SSV-6264	2007-03-01		Coppermine Photo Gallery 1.3.x Remote Blind SQL Injection Exploit		1409 \| 0
SSV-16877	2007-03-01		phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit		656 \| 0
SSV-6252	2007-02-28		Oracle 10g KUPW$WORKER.MAIN SQL Injection Exploit v2		1381 \| 0
SSV-6255	2007-02-28		Oracle 9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit v2		1440 \| 0
SSV-6254	2007-02-28		Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2		1481 \| 0
SSV-16875	2007-02-28		vBulletin <= 3.6.4 (inlinemod.php postids) Remote SQL Injection Exploit		1468 \| 0
SSV-6253	2007-02-28		Oracle 10g KUPV$FT.ATTACH_JOB SQL Injection Exploit v2		1316 \| 0
SSV-6258	2007-02-28		webSPELL <= v4.01.02 (topic) Remote SQL Injection		1398 \| 0
SSV-6222	2007-02-22		webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit		1377 \| 0
SSV-6230	2007-02-22		NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit		812 \| 0
SSV-6221	2007-02-22		Online Web Building 2.0 (id) Remote SQL Injection Vulnerability		711 \| 0
SSV-6227	2007-02-22		Nabopoll 1.2 (result.php surv) Remote Blind SQL Injection Exploit		758 \| 0
SSV-16861	2007-02-20		PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)		1252 \| 0
SSV-16863	2007-02-20		PHP-Nuke <= 8.0 Final (HTTP Referers) Remote SQL Injection Exploit		1358 \| 0

1
...
57
58
59
60
61
62
63
64
65
66
67
...
69