漏洞分类 - SQL 注入 - SQL injection - 知道创宇 Seebug 漏洞平台

漏洞分类 — SQL 注入

英文名字: SQL injection

漏洞详情：: SQL 注入，就是通过把SQL命令插入到Web表单提交或输入域名或页面请求的查询字符串，最终达到欺骗服务器执行恶意的SQL命令。

相关漏洞

SSV ID	提交时间	漏洞等级	漏洞名称	漏洞状态	人气 \| 评论
SSV-5457	2006-11-01		T.G.S. CMS <= 0.1.7 (logout.php) Remote SQL Injection Exploit		855 \| 0
SSV-5447	2006-10-31		Techno Dreams Guestbook 1.0 (key) Remote SQL Injection Vulnerability		837 \| 0
SSV-5448	2006-10-31		Techno Dreams Announcement (key) Remote SQL Injection Vulnerability		802 \| 0
SSV-5444	2006-10-31		E Annu 1.0 Login Bypass SQL Injection Exploit		869 \| 0
SSV-5439	2006-10-30		Discuz! 5.0.0 RC1 SQL injection PoC		1221 \| 0
SSV-5430	2006-10-30		PHP My Ring <= 4.2.1 (cherche.php) Remote SQL Injection Vulnerability		878 \| 0
SSV-5433	2006-10-30		PHPEasyData Pro 2.2.2 (index.php) Remote SQL Injection Exploit		797 \| 0
SSV-5416	2006-10-29		Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability		8243 \| 0
SSV-315	2006-10-29		动力(My Power)3.51版Article_Print.asp注射漏洞		2301 \| 0
SSV-323	2006-10-29		动网(DVBBS)tongji.asp文件未过滤注入漏洞		2969 \| 0
SSV-16741	2006-10-29		PHPMyRing <= 4.2.1 (cherche.php) Remote SQL Injection Vulnerability		794 \| 0
SSV-317	2006-10-29		动网论坛DVBBS) logout.asp页面存在注入漏洞		1564 \| 0
SSV-5415	2006-10-29		Php League 0.82 (classement.php) Remote SQL Injection Exploit		976 \| 0
SSV-309	2006-10-28		Microsoft FrontPage Server Extensions跨站脚本漏洞（MS06-017)		1591 \| 0
SSV-179	2006-10-27		PHP Classifieds catid_search及catid变量远程SQL注入漏洞		983 \| 0
SSV-5263	2006-10-26		Discuz! 5 SQL injection Exploit		1763 \| 0
SSV-165	2006-10-26		PostgreSQL多个本地拒绝服务漏洞		1127 \| 0
SSV-161	2006-10-26		动易NewComment.asp注入漏洞		3193 \| 0
SSV-99	2006-10-25		PHP-Nuke SQL注入及绕过SQL注入防护漏洞		1856 \| 0
SSV-68	2006-10-25		ezContents多个SQL注入、远程/本地文件包含和跨站脚本漏洞		1915 \| 0
SSV-16732	2006-10-25		Discuz! 5.0.0 GBK SQL Injection / Admin Credentials Disclosure Exploit		2084 \| 0
SSV-16733	2006-10-25		ArticleBeach Script <= 2.0 (index.php) Remote File Inclusion Vulnerability		1270 \| 0
SSV-5254	2006-10-25		Berty Forum <= 1.4 (index.php) Remote Blind SQL Injection Exploit		914 \| 0
SSV-84	2006-10-25		TR Forum SQL注入及认证绕过漏洞		1050 \| 0
SSV-156	2006-10-25		Invision Power Board index.php st参数远程SQL注入漏洞		878 \| 0
SSV-5213	2006-10-24		ProFTPD 1.2.9RC1 (mod_sql) Remote SQL Injection Exploit		1489 \| 0
SSV-16722	2006-10-22		PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit		1426 \| 0
SSV-16710	2006-10-20		WGCC <= 0.5.6b (quiz.php) Remote SQL Injection Vulnerability		872 \| 0
SSV-16690	2006-10-16		WoltLab Burning Book <= 1.1.2 Remote SQL Injection Exploit PoC		849 \| 0
SSV-16685	2006-10-16		Simplog <= 0.9.3.1 comments.php Remote SQL Injection Exploit		838 \| 0
SSV-16681	2006-10-15		webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit		873 \| 0
SSV-16680	2006-10-15		Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection Vulnerability		834 \| 0
SSV-16644	2006-10-12		Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)		856 \| 0
SSV-16608	2006-10-08		4images 1.7.x (search.php) Remote SQL Injection Exploit		1817 \| 0
SSV-16607	2006-10-07		phpBB Random User Registration Number 1.0 Mod Inclusion Vulnerability		1040 \| 0
SSV-16606	2006-10-07		Cahier de texte 2.0 (lire.php) Remote SQL Injection Exploit		870 \| 0
SSV-16601	2006-10-05		PHP Classifieds 7.1 (index.php) Remote SQL Injection Vulnerability		781 \| 0
SSV-16595	2006-10-03		Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit		870 \| 0
SSV-16581	2006-09-29		PHP Krazy Image Hosting 0.7a (display.php) SQL Injection Exploit		839 \| 0
SSV-16582	2006-09-29		UBB.threads <= 6.5.1.1 (doeditconfig.php) Code Execution Exploit		939 \| 0
SSV-16551	2006-09-24		Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Exploit		851 \| 0
SSV-16553	2006-09-24		iyzi Forum <= 1.0 Beta 3 (uye_ayrinti.asp) Remote SQL Injection		827 \| 0
SSV-16547	2006-09-22		Eskolar CMS 0.9.0.0 (index.php) Remote SQL Injection Exploit		819 \| 0
SSV-16546	2006-09-22		xweblog <= 2.1 (kategori.asp) Remote SQL Injection Vulnerability		839 \| 0
SSV-16548	2006-09-22		e-Vision CMS 2.0 (all_users.php) Remote SQL Injection Exploit		850 \| 0
SSV-16538	2006-09-21		exV2 <= 2.0.4.3 (sort) Remote SQL Injection Exploit		930 \| 0
SSV-16528	2006-09-19		more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit		891 \| 0
SSV-16531	2006-09-19		MyReview 1.9.4 (email) Remote SQL Injection / Code Execution Exploit		877 \| 0
SSV-16529	2006-09-19		Tekman Portal 1.0 (tr) Remote SQL Injection Vulnerability		860 \| 0
SSV-16523	2006-09-18		AlstraSoft E-Friends <= 4.85 Remote Command Execution Exploit		859 \| 0
SSV-16522	2006-09-17		CMtextS <= 1.0 (users_logins/admin.txt) Credentials Disclosure Vuln		894 \| 0
SSV-16519	2006-09-17		Techno Dreams FAQ Manager 1.0 Remote SQL Injection Vulnerability		792 \| 0
SSV-16521	2006-09-17		Charon Cart v3 (Review.asp) Remote SQL Injection Vulnerability		855 \| 0
SSV-16516	2006-09-17		Zix Forum <= 1.12 (RepId) Remote SQL Injection Exploit		873 \| 0
SSV-16518	2006-09-17		Q-Shop 3.5 (browse.asp) Remote SQL Injection Vulnerability		824 \| 0
SSV-16520	2006-09-17		Techno Dreams Articles & Papers 2.0 Remote SQL Injection Vulnerability		783 \| 0
SSV-16510	2006-09-16		phpQuiz <= 0.1.2 Remote SQL Injection / Code Execution Exploit		922 \| 0
SSV-16512	2006-09-16		GNUTURK <= 2G (t_id) Remote SQL Injection Exploit		842 \| 0
SSV-16505	2006-09-15		Haberx 1.02 <= 1.1 (tr) Remote SQL Injection Vulnerability		829 \| 0
SSV-16496	2006-09-13		TualBLOG 1.0 (icerikno) Remote SQL Injection Vulnerability		905 \| 0
SSV-16476	2006-09-09		Vivvo Article Manager <= 3.2 (id) Remote SQL Injection Vulnerability		813 \| 0
SSV-16450	2006-09-05		ACGV News <= 0.9.1 (PathNews) Remote File Inclusion Vulnerability		936 \| 0
SSV-16451	2006-09-05		C-News <= 1.0.1 (path) Remote File Inclusion Vulnerability		837 \| 0
SSV-16449	2006-09-05		Zix Forum <= 1.12 (RepId) Remote SQL Injection Vulnerability		1628 \| 0
SSV-16440	2006-09-04		Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit		840 \| 0
SSV-16439	2006-09-04		SimpleBlog <= 2.3 (id) Remote SQL Injection Vulnerability		863 \| 0
SSV-16437	2006-09-03		Muratsoft Haber Portal 3.6 (tr) Remote SQL Injection Vulnerability		879 \| 0
SSV-16431	2006-09-02		TikiWiki <= 1.9 Sirius (jhot.php) Remote Command Execution Exploit		1515 \| 0
SSV-16432	2006-09-02		Annuaire 1Two 2.2 Remote SQL Injection Exploit		815 \| 0
SSV-16430	2006-09-01		icblogger v2 (YID) Remote SQL Injection Vulnerability		822 \| 0
SSV-16417	2006-08-28		Cybuzu Garoon 2.1.0 Multiple Remote SQL Injection Vulnerabilities		876 \| 0
SSV-16414	2006-08-27		CMS Frogss <= 0.4 (podpis) Remote SQL Injection Exploit		881 \| 0
SSV-16411	2006-08-26		proManager <= 0.73 (note.php) Remote SQL Injection Vulnerability		867 \| 0
SSV-16401	2006-08-23		phpBB All Topics Mod <= 1.5.0 (start) Remote SQL Injection Exploit		891 \| 0
SSV-16400	2006-08-23		MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit		931 \| 0
SSV-16388	2006-08-20		SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Exploit		865 \| 0
SSV-16384	2006-08-20		SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability		836 \| 0
SSV-16386	2006-08-20		LBlog <= 1.05 (comments.asp) Remote SQL Injection Vulnerability		833 \| 0
SSV-16387	2006-08-20		Simple Machines Forum <= 1.1 rc2 (lngfile) Remote Exploit (windows)		1180 \| 0
SSV-4232	2006-08-20		WebspotBlogging login.php远程SQL注入漏洞		1392 \| 0
SSV-4219	2006-08-17		Oracle SYS.DBMS_METADATA_UTIL软件包SQL注入漏洞		1188 \| 0
SSV-16355	2006-08-09		PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit		810 \| 0
SSV-16354	2006-08-09		PocketPC MMS Composer (WAPPush) Denial of Service Exploit		867 \| 0
SSV-16339	2006-08-01		Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)		1429 \| 0
SSV-16341	2006-08-01		Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit		1508 \| 0
SSV-16340	2006-08-01		Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (ppc)		1391 \| 0
SSV-16338	2006-08-01		XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)		1880 \| 0
SSV-16326	2006-07-30		Joomla com_bayesiannaivefilter Component <= 1.1 Inclusion Vulnerability		907 \| 0
SSV-16324	2006-07-30		ATutor <= 1.5.3.1 (links) Remote Blind SQL Injection Exploit		946 \| 0
SSV-16325	2006-07-30		Mambo User Home Pages Component <= 0.5 Remote Include Vulnerability		1002 \| 0
SSV-16312	2006-07-25		Etomite CMS <= 0.6.1 (username) SQL Injection Exploit (mq = off)		884 \| 0
SSV-16310	2006-07-24		X7 Chat <= 2.0.4 (old_prefix) Remote Blind SQL Injection Exploit		933 \| 0
SSV-16311	2006-07-24		PrinceClan Chess Mambo Com <= 0.8 Remote Inclusion Vulnerability		926 \| 0
SSV-16298	2006-07-21		LoudBlog <= 0.5 (id) SQL Injection / Admin Credentials Disclosure		879 \| 0
SSV-16292	2006-07-18		toendaCMS <= 1.0.0 (FCKeditor) Remote File Upload Exploit		983 \| 0
SSV-16290	2006-07-18		Invision Power Board 2.1 <= 2.1.6 Remote SQL Injection Exploit (2)		902 \| 0
SSV-16291	2006-07-18		BT Voyager 2091 (Wireless ADSL) Multiple Vulnerabilities		931 \| 0
SSV-16289	2006-07-18		Eskolar CMS 0.9.0.0 Remote Blind SQL Injection Exploit		880 \| 0
SSV-16293	2006-07-18		PHP-Post 1.0 Cookie Modification Privilege Escalation Vulnerability		857 \| 0
SSV-16270	2006-07-15		MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit		1305 \| 0

1
...
61
62
63
64
65
66
67
68
69