Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qabandi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4725
Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the...
Arabportal Arab Portal
1 EDB exploit
NA
CVE-2009-2585
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote malicious users to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
Mlffat Mlffat 2.2
1 EDB exploit
NA
CVE-2009-4206
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cmsnx Million Dollar Text Links
1 EDB exploit
NA
CVE-2009-2131
Cross-site scripting (XSS) vulnerability in 4images 1.7.7 and previous versions allows remote authenticated users to inject arbitrary web script or HTML by providing a crafted user_homepage parameter to member.php, and then posting a comment associated with a picture.
4homepages 4images 1.7.1
4homepages 4images 1.7
4homepages 4images 1.6.1
4homepages 4images 1.5
4homepages 4images 1.7.3
4homepages 4images 1.7.6
4homepages 4images 1.0
4homepages 4images 1.7.2
4homepages 4images 1.6
4homepages 4images 1.7.5
4homepages 4images 1.7.4
4homepages 4images
1 EDB exploit
NA
CVE-2009-2180
Multiple directory traversal vulnerabilities in upfiles/index.php in Pc4 Uploader 10.0 and previous versions allow remote malicious users to read arbitrary files via (1) a .. (dot dot) or (2) absolute path in the file parameter.
Pc4arb Pc4 Uploader 10.0
1 EDB exploit
NA
CVE-2009-2605
Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote malicious users to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php.
Traidnt Traidnt Up 2.0
1 EDB exploit
NA
CVE-2009-4734
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action.
Allomani Movies Library 2.7.0
1 EDB exploit
NA
CVE-2009-3823
Directory traversal vulnerability in myhtml.php in Mobilelib GOLD 3.0, when magic_quotes_gpc is enabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the GLOBALS[page] parameter.
Ac4p Mobilelib Gold 3.0
1 EDB exploit
NA
CVE-2009-3430
SQL injection vulnerability in login.php in Allomani Mobile 2.5 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action.
Allomani Mobile 2.5
1 EDB exploit
NA
CVE-2009-2132
Directory traversal vulnerability in global.php in 4images prior to 1.7.7, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the l parameter.
4homepages 4images 1.6
4homepages 4images 1.5
4homepages 4images 1.7
4homepages 4images 1.7.3
4homepages 4images 1.7.5
4homepages 4images 1.7.4
4homepages 4images 1.0
4homepages 4images
4homepages 4images 1.7.1
4homepages 4images 1.7.2
4homepages 4images 1.6.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »