Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
john martinelli vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9034
wp-includes/class-phpass.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 allows remote malicious users to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue...
Wordpress Wordpress 3.9.2
Wordpress Wordpress 4.0
Wordpress Wordpress
Wordpress Wordpress 3.8
Wordpress Wordpress 3.8.1
Wordpress Wordpress 3.8.2
Wordpress Wordpress 3.8.3
Wordpress Wordpress 3.9
Wordpress Wordpress 3.8.4
Wordpress Wordpress 3.9.1
2 EDB exploits
1 Github repository
NA
CVE-2007-3049
Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 allows remote malicious users to inject arbitrary web script or HTML via the title parameter.
Buttercup Wfm Buttercup Wfm May-2007
1 EDB exploit
NA
CVE-2007-2806
Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters.
Galix Galix 2.0
1 EDB exploit
NA
CVE-2007-2757
Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote malicious users to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php.
Dean J Robinson Redoable 1.2
1 EDB exploit
NA
CVE-2007-2547
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to inject arbitrary web script or HTML via the l parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
NA
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
NA
CVE-2007-2247
SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote malicious users to execute arbitrary SQL commands via the item_id parameter.
Phpmyspace Phpmyspace 8.10
1 EDB exploit
NA
CVE-2007-2207
SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
NA
CVE-2007-2011
Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Deskpro Deskpro 2.0.1
1 EDB exploit
NA
CVE-2007-1996
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and previous versions, allows remote malicious users to execute arbitrary PHP code via a URL in the process_method parameter.
Codebreak Codebreak
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »