Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eugene minaev vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4557
plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote malicious users to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.
Cutephp Cutenews 1.1.1
1 EDB exploit
NA
CVE-2006-1260
Horde Application Framework 3.0.9 allows remote malicious users to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
Horde Horde 1.2.2
Horde Horde 1.2.3
Horde Horde 2.1
Horde Horde 2.1.3
Horde Horde 2.2.6
Horde Horde 2.2.7
Horde Horde 2.2.8
Horde Horde 3.0.4 Rc1
Horde Horde 3.0.4 Rc2
Horde Horde 1.2.4
Horde Horde 1.2.5
Horde Horde 2.2
Horde Horde 2.2.1
Horde Horde 2.2.9
Horde Horde 3.0
Horde Horde 3.0.6
Horde Horde 3.0.7
Horde Horde 1.2
Horde Horde 1.2.1
Horde Horde 1.2.8
Horde Horde 2.0
Horde Horde 2.2.4 Rc1
1 EDB exploit
NA
CVE-2008-0224
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and previous versions module in RunCMS 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the Client-Ip parameter.
Runcms Runcms 1.6.1
Runcms Runcms 1.5.3
Runcms Runcms 1.6
1 EDB exploit
NA
CVE-2008-0255
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the section parameter.
Igamingcms Igaming Cms 1.5
Igamingcms Igaming Cms
1 EDB exploit
NA
CVE-2008-7203
Valve Software Half-Life Counter-Strike 1.6 allows remote malicious users to cause a denial of service (crash) via multiple crafted login packets.
Valvesoftware Counter-strike 1.6
1 EDB exploit
NA
CVE-2008-0138
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
Xoops Xoopsgallery Module 1.3.3 9
1 EDB exploit
NA
CVE-2008-0139
Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the template parameter.
Loudblog Loudblog
1 EDB exploit
NA
CVE-2008-0210
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote malicious users to bypass authentication via a sess[auth]=1 parameter settting. NOTE: this can be leveraged to conduct directory traversal a...
Uebimiau Webmail 2.7.2
Uebimiau Webmail 2.7.10
1 EDB exploit
NA
CVE-2008-7156
EkinBoard 1.1.0 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, as demonstrated via backup.php.
Ekinboard Ekinboard
1 EDB exploit
NA
CVE-2008-7157
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in upl...
Ekinboard Ekinboard
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »