Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osirys vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-5090
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors.
Daman371 Bloggeruniverse
1 EDB exploit
NA
CVE-2009-5094
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote malicious users to execute arbitrary SQL commands via the item parameter.
Cmsfaethon Cms Faethon 2.2.0
1 EDB exploit
NA
CVE-2008-5762
Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for slog_users.txt.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2008-5763
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote malicious users to execute arbitrary PHP code via a URL in the slogin_path parameter.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2008-5854
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these...
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2008-5927
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of...
China-on-site Flexphpnews 0.0.6
1 EDB exploit
NA
CVE-2008-5738
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
Nodstrum Mysql Calendar 1.1
Nodstrum Mysql Calendar 1.2
1 EDB exploit
NA
CVE-2008-6312
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2008-5333
SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »