Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5480
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote malicious users to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
Innovaage Innovashop
2 EDB exploits
NA
CVE-2008-1178
Directory traversal vulnerability in include/doc/index.php in Centreon 1.4.2.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2008-1119.
Centreon Centreon 1.4.2.2
Centreon Centreon 1.4.2.1
Centreon Centreon 1.4.2
Centreon Centreon
Centreon Centreon 1.4.1
Centreon Centreon 1.4
1 EDB exploit
NA
CVE-2008-1336
SQL injection vulnerability in Koobi CMS 4.2.3 up to and including 4.3.0 allows remote malicious users to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122.
Koobi Koobi Cms 4.2.3
Koobi Koobi Cms 4.2.4
Koobi Koobi Cms 4.2.7
Koobi Koobi Cms 4.2.8
Koobi Koobi Cms 4.2.9
Koobi Koobi Cms 4.3.0
Koobi Koobi Cms 4.2.5
Koobi Koobi Cms 4.2.6
1 EDB exploit
NA
CVE-2008-1344
Multiple SQL injection vulnerabilities in MyioSoft EasyCalendar 4.0tr and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) year parameter in a dayview action to plugins/calendar/calendar_backend.php and the (2) page parameter to ajaxp_b...
Myiosoft Easycalendar 4.0tr
1 EDB exploit
NA
CVE-2008-1345
Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and previous versions allows remote malicious users to inject arbitrary web script or HTML via the day parameter in a dayview action.
Myiosoft Easycalendar 4.0tr
1 EDB exploit
NA
CVE-2010-2915
SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ajsquare Aj Hyip Prime
1 EDB exploit
NA
CVE-2010-3457
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) fields[website] parameter in the post comments feature in articles/a-primer-to-symphony-2s-default-theme/ or (2) sen...
Getsymphony Symphony 2.1.1
Getsymphony Symphony 2.0.7
1 EDB exploit
NA
CVE-2008-4186
SQL injection vulnerability in index.php in webCMS Portal Edition allows remote malicious users to execute arbitrary SQL commands via the id_doc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Webcms Webcms Portal Edition
1 EDB exploit
NA
CVE-2008-4644
hits.php in myWebland myStats allows remote malicious users to bypass IP address restrictions via a modified X-Forwarded-For HTTP header.
Mywebland Mystats
1 EDB exploit
NA
CVE-2008-4455
Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read and execute arbitrary files via a .. (dot dot) in the language cookie.
Mysql Quick Admin Mysql Quick Admin 1.5.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »