Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osirys vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5854
Multiple cross-site scripting (XSS) vulnerabilities in login.php in myPHPscripts Login Session 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) ls_user and (2) ls_email parameters (aka the User form) in an ls_register action. NOTE: some of these...
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt.
Myphpscripts Login Session 2.0
1 EDB exploit
NA
CVE-2008-5894
Directory traversal vulnerability in index.php in Mediatheka 4.2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Mediatheka Mediatheka 4.2
1 EDB exploit
NA
CVE-2008-5927
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPNews 0.0.6 allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser parameter (aka username field) or (2) checkpass parameter (aka password field) to admin/index.php. NOTE: some of...
China-on-site Flexphpnews 0.0.6
1 EDB exploit
NA
CVE-2008-6327
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2008-6143
OwenPoll 1.0 allows remote malicious users to bypass authentication and obtain administrative access via a modified account name in the username cookie.
Owentechkenya Owenpoll 1.0
1 EDB exploit
NA
CVE-2009-1314
body.asp in Web File Explorer 3.1 allows remote malicious users to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Webfileexplorer Web File Explorer 3.1
1 EDB exploit
NA
CVE-2009-1508
SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote malicious users to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.
Keir Davis X-forum 0.6.2
1 EDB exploit
NA
CVE-2009-1512
Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.
Keir Davis X-forum 0.6.2
1 EDB exploit
NA
CVE-2008-5220
Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.
Wportfolio Wportfolio
Wportfolio Wportfolio 0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »