Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
boonex dolphin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3810
SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and previous versions allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-201...
Boonex Dolphin
Boonex Dolphin 7.1.3
Boonex Dolphin 7.0.8
Boonex Dolphin 7.0.7
Boonex Dolphin 7.0.1
Boonex Dolphin 7.0.0
Boonex Dolphin 7.1.0
Boonex Dolphin 7.0.4
Boonex Dolphin 7.0.3
Boonex Dolphin 7.0.9
Boonex Dolphin 7.0.2
Boonex Dolphin 7.1.2
Boonex Dolphin 7.1.1
Boonex Dolphin 7.0.6
Boonex Dolphin 7.0.5
NA
CVE-2014-4333
Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related ...
Boonex Dolphin 7.1.0
Boonex Dolphin 7.0.3
Boonex Dolphin
Boonex Dolphin 7.0.9
Boonex Dolphin 7.0.8
Boonex Dolphin 7.0.2
Boonex Dolphin 7.0.1
Boonex Dolphin 7.1.3
Boonex Dolphin 7.1.2
Boonex Dolphin 7.0.7
Boonex Dolphin 7.0.6
Boonex Dolphin 7.0.0
Boonex Dolphin 7.1.1
Boonex Dolphin 7.0.5
Boonex Dolphin 7.0.4
NA
CVE-2012-0873
Multiple cross-site scripting (XSS) vulnerabilities in Boonex Dolphin prior to 7.0.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) explain parameter to explanation.php or the (2) photos_only, (3) online_only, or (4) mode parameters to viewFriends...
Boonex Dolphin 6.1.2
Boonex Dolphin 5.2
Boonex Dolphin 7.0.3
Boonex Dolphin 7.0.4
Boonex Dolphin 7.0.5
Boonex Dolphin 7.0.6
Boonex Dolphin 7.0.0
Boonex Dolphin 7.0.2
Boonex Dolphin 5.1
Boonex Dolphin 7.0.1
Boonex Dolphin
2 EDB exploits
8.8
CVSSv3
CVE-2013-3638
SQL injection vulnerability in Boonex Dolphin prior to 7.1.3 allows remote authenticated users to execute arbitrary SQL commands via the 'pathes' parameter in 'categories.php'.
Boonex Dolphin
NA
CVE-2011-3728
Dolphin 7.0.4 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files.
Boonex Dolphin 7.0.4
NA
CVE-2008-3167
Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) dir[plugins] parameter to (a) HTMLSax3.php and (b) safehtml.php in plugins/safehtml/ and t...
Boonex Dolphin 6.1.2
1 EDB exploit
NA
CVE-2006-4189
Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote malicious users to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php...
Boonex Dolphin 5.1
NA
CVE-2006-5410
PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189.
Boonex Dolphin 5.2
4.8
CVSSv3
CVE-2021-27969
Dolphin CMS 7.4.2 is vulnerable to stored XSS via the Page Builder "width" parameter.
Boonex Dolphin 7.4.2
NA
CVE-2008-3166
PHP remote file inclusion vulnerability in modules/global/inc/content.inc.php in BoonEx Ray 3.5, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the sIncPath parameter.
Boonex Ray 3.5
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started