Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cobra_21 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4811
SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote malicious users to execute arbitrary SQL commands via the str parameter.
Bst Bestshoppro
1 EDB exploit
NA
CVE-2009-3188
PHP remote file inclusion vulnerability in save.php in phpSANE 0.5.0 allows remote malicious users to execute arbitrary PHP code via a URL in the file_save parameter.
David Frohlich Phpsane 0.5.0
1 EDB exploit
NA
CVE-2009-3064
Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT 0.1.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the _GET[filename] parameter.
Rein Velt Vedit 01.4
1 EDB exploit
NA
CVE-2009-4626
Directory traversal vulnerability in menu.php in phpNagios 1.2.0 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the conf[lang] parameter.
Phpnagios Phpnagios 1.2.0
1 EDB exploit
NA
CVE-2009-4870
Multiple SQL injection vulnerabilities in login.php in PHPCityPortal allow remote malicious users to execute arbitrary SQL commands via the (1) req_username (aka Username) and (2) req_password (aka Password) parameters. NOTE: some of these details are obtained from third party in...
Phpcityportal Phpcityportal
1 EDB exploit
NA
CVE-2011-4812
Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote malicious users to inject arbitrary web script or HTML via the str parameter.
Bst Bestshoppro
1 EDB exploit
NA
CVE-2010-2926
SQL injection vulnerability in index.php in sNews 1.7 allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Solucija Snews 1.7
1 EDB exploit
NA
CVE-2008-6388
Rapid Classified 3.1 and 3.15 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request to cldb.mdb.
4u2ges Rapid Classified 3.1
4u2ges Rapid Classified 3.15
1 EDB exploit
NA
CVE-2008-6318
PHP remote file inclusion vulnerability in _conf/_php-core/common-tpl-vars.php in PHPmyGallery 1.5 beta allows remote malicious users to execute arbitrary PHP code via a URL in the admindir parameter, a different vector than CVE-2008-6317.
Phpmygallery Phpmygallery 1.5
1 EDB exploit
NA
CVE-2008-6357
MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing the username and password via a direct request to mycal.mdb.
Donnafontenot Mycal Personal Events Calendar -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »