Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2202
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/i...
Maianscriptworld Maian Uploader 4.0
3 EDB exploits
NA
CVE-2008-2082
Cross-site scripting (XSS) vulnerability in index.php in Siteman 2.0.x2 allows remote malicious users to inject arbitrary web script or HTML via the module parameter, which leaks the path in an error message.
Siteman Siteman 2.0
2 EDB exploits
NA
CVE-2008-3712
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/co...
Mambo Mambo 4.6.2
Mambo Mambo 4.6.5
2 EDB exploits
NA
CVE-2008-2188
Multiple cross-site scripting (XSS) vulnerabilities in EJ3 BlackBook 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) bookCopyright and (2) ver parameters to (a) footer.php, and the (3) bookName, (4) bookMetaTags, and (5) estiloCSS parameters to...
Eejj33 Blackbook 1.0
2 EDB exploits
NA
CVE-2008-3569
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the text parameter to (1) iart.php and (2) ming.php.
Apache Friends Xampp 1.6.7
2 EDB exploits
NA
CVE-2014-3857
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) prior to 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php.
Kerio Control 8.3.0
Kerio Control
1 EDB exploit
NA
CVE-2008-3556
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote malicious users to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same...
Haudenschilt Battlenet Clan Script 1.5.2
1 EDB exploit
NA
CVE-2008-3720
SQL injection vulnerability in index.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the id vector is already covered by CVE-2007-5679.
Deeemm Dmcms 0.7.4
1 EDB exploit
NA
CVE-2008-2196
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote malicious users to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
Lifetype Lifetype 1.2.8
1 EDB exploit
NA
CVE-2007-5998
SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.
Softbizscripts Ad Management Plus Script 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »