Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osirys vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0610
Multiple static code injection vulnerabilities in post.php in Simple PHP News 1.0 final allow remote malicious users to inject arbitrary PHP code into news.txt via the (1) title or (2) date parameter, and then execute the code via a direct request to display.php. NOTE: the proven...
Dminnich Simple Php News 1.0
1 EDB exploit
NA
CVE-2009-0643
Static code injection vulnerability in post.php in Simple PHP News 1.0 final allows remote malicious users to inject arbitrary PHP code into news.txt via the post parameter, and then execute the code via a direct request to display.php. NOTE: some of these details are obtained fr...
Dminnich Simple Php News 1.0
1 EDB exploit
NA
CVE-2009-0731
Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
Freearcadescript Free Arcade Script 1.0
1 EDB exploit
NA
CVE-2009-5090
SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter and possibly other unspecified vectors.
Daman371 Bloggeruniverse
1 EDB exploit
NA
CVE-2009-5094
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote malicious users to execute arbitrary SQL commands via the item parameter.
Cmsfaethon Cms Faethon 2.2.0
1 EDB exploit
NA
CVE-2009-1323
SQL injection vulnerability in body.asp in Web File Explorer 3.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Webfileexplorer Web File Explorer 3.1
1 EDB exploit
NA
CVE-2009-0275
Static code injection vulnerability in admin.php in Ryneezy phoSheezy 0.2 allows remote authenticated administrators to inject arbitrary PHP code into config/header via the header parameter. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2009-0250. NOT...
Ryneezy Phosheezy 0.2
1 EDB exploit
NA
CVE-2008-6743
RSMScript 1.21 allows remote malicious users to bypass authentication and gain administrative privileges by setting the verified cookie to an arbitrary value and performing a direct request to (1) delete.php, (2) edit-submit.php, (3) edit.php, (4) submit.php, and (5) update.php, ...
Shock-therapy Rsmscript 1.21
1 EDB exploit
NA
CVE-2008-6761
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote malicious users to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting ad...
China-on-site Flexcustomer0.0.6
1 EDB exploit
NA
CVE-2008-6763
login2.php in Silentum LoginSys 1.0.0 allows remote malicious users to bypass authentication and obtain access to an arbitrary account by setting the logged_in cookie to that account's username.
Hypersilence Silentum Loginsys 1.0.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »