Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
greg neustaetter gcards vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2971
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and previous versions allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
Greg Neustaetter Gcards 1.13
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
Greg Neustaetter Gcards 1.45
Greg Neustaetter Gcards
1 EDB exploit
4.3
CVSSv2
CVE-2006-1348
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be res...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
6.4
CVSSv2
CVE-2006-1346
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP s...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
7.5
CVSSv2
CVE-2006-1347
SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
Greg Neustaetter Gcards
1 EDB exploit
7.5
CVSSv2
CVE-2005-3408
SQL injection vulnerability in news.php in gCards version 1.43 allows remote malicious users to execute arbitrary SQL commands via the limit parameter.
Greg Neustaetter Gcards 1.43
1 EDB exploit
7.5
CVSSv2
CVE-2006-5255
PHP remote file inclusion vulnerability in addnews.php in Greg Neustaetter gCards 1.13 allows remote malicious users to execute arbitrary PHP code via a URL in the languagefile parameter. NOTE: another researcher has observed that languageFile is defined before use. CVE analysis ...
Greg Neustaetter Gcards 1.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started