Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securitylab.ir vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2558
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote malicious users to post news messages via a direct request.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-3124
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote malicious users to read arbitrary files via a .. (dot dot) in the tf parameter.
Ipmotor Quarkmail -
1 EDB exploit
NA
CVE-2009-2557
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the fichier parameter.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-4470
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the groupboardid parameter.
Dvbbs Dvbbs 2.0
1 EDB exploit
NA
CVE-2009-3173
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Theratstudios The Rat Cms 2
1 EDB exploit
NA
CVE-2009-1622
SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote malicious users to execute arbitrary SQL commands via the order_sn parameter in an order_query action.
Ecshop Ecshop 2.5.0
1 EDB exploit
NA
CVE-2009-1764
SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a digg action.
Bokecc Maxcms 2.0
1 EDB exploit
NA
CVE-2009-1446
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of...
Elkagroup Image Gallery 1.0
1 EDB exploit
NA
CVE-2009-2238
Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a di...
Dmxready Registration Manager 1.1
1 EDB exploit
NA
CVE-2009-4665
Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Cutesoft Components Cute Editor For Asp.net
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »