Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elvinbts elvinbts 1.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2123
Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_b...
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2124
Directory traversal vulnerability in page.php in Elvin 1.2.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2127
Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2129
Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote malicious users to hijack the authentication of arbitrary users via a logout action.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2130
Elvin 1.2.0 allows remote malicious users to read the PHP source code of (1) login.ei, (2) jump_bug.ei, or (3) create_account.ei in inc/ via a direct request.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started