Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osirys vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5763
PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote malicious users to execute arbitrary PHP code via a URL in the slogin_path parameter.
Mariovaldez Simple Text-file Login Script 1.0.6
1 EDB exploit
NA
CVE-2008-5764
PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the lang parameter.
2500mhz Worksimple 1.2.1
1 EDB exploit
NA
CVE-2008-5765
WorkSimple 1.2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing usernames and passwords via a direct request for data/usr.txt.
2500mhz Worksimple 1.2.1
1 EDB exploit
NA
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2008-5894
Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Mediatheka Mediatheka 4.2
1 EDB exploit
NA
CVE-2008-5927
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of...
China-on-site Flexphpnews 0.0.6
1 EDB exploit
NA
CVE-2008-5333
SQL injection vulnerability in members.php in NitroTech 0.0.3a allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
NA
CVE-2008-5334
PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote malicious users to execute arbitrary PHP code via a URL in the root parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
NA
CVE-2008-6143
OwenPoll 1.0 allows remote malicious users to bypass authentication and obtain administrative access via a modified account name in the username cookie.
Owentechkenya Owenpoll 1.0
1 EDB exploit
NA
CVE-2008-6327
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
Manzovi Proquiz 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »