Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jesper jurcenoks vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3653
Multiple cross-site scripting (XSS) vulnerabilities in Farsi Script (aka FaScript) FaName 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) key or (2) desc parameter to index.php, or (3) the name parameter to page.php.
Fascript Faname 1.0
2 EDB exploits
NA
CVE-2007-4874
Multiple cross-site scripting (XSS) vulnerabilities in SimpNews 2.41.03 allow remote malicious users to inject arbitrary web script or HTML via the (1) l_username parameter to admin/layout2b.php, and the (2) backurl parameter to comment.php.
Boesch-it Simpnews 2.41.03
2 EDB exploits
NA
CVE-2007-0694
Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote malicious users to inject arbitrary web script or HTML via the copyright parameter.
Dian Gemilang Dgnews 2.1
1 EDB exploit
NA
CVE-2007-3183
Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters to calendar.php and the (3) search string to cal_search.php.
Vincent Hor Calendarix 0.7.2007-03-07
1 EDB exploit
NA
CVE-2007-3182
Multiple cross-site scripting (XSS) vulnerabilities in Calendarix 0.7.20070307, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) year and (2) month parameters to calendar.php, and the (3) leftfooter parameter to cal...
Vincent Hor Calendarix 0.7.2007-03-07
1 EDB exploit
NA
CVE-2007-3127
content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message.
Ibm Websphere Portal 1.0
1 EDB exploit
NA
CVE-2008-3080
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote malicious users to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899.
Mywebland Mybloggie 2.1.6
1 EDB exploit
NA
CVE-2007-0605
Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote malicious users to inject arbitrary web script or HTML via the picture parameter.
Advanced Guestbook Advanced Guestbook 2.4.2
1 EDB exploit
NA
CVE-2007-1898
formmail.php in Jetbox CMS 2.1 allows remote malicious users to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
Jetbox Jetbox Cms 2.1
1 EDB exploit
NA
CVE-2007-1899
Multiple SQL injection vulnerabilities in myWebland myBloggie 2.1.6 allow remote malicious users to execute arbitrary SQL commands via (1) the user_id parameter in a viewuser action to index.php, and allow remote authenticated administrators to execute arbitrary SQL commands via ...
Mywebland Mybloggie 2.1.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »