Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirdarckcat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3963
Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote malicious users to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7)...
Banex Banex 2.21
2 EDB exploits
NA
CVE-2006-4599
SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Autentificator Autentificator 2.01
1 EDB exploit
NA
CVE-2006-3959
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameter.
X-scripts X-statistics 1.10
1 EDB exploit
NA
CVE-2006-3960
SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2.30, allows remote malicious users to execute arbitrary SQL commands via the poll parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
X-scripts X-poll 2.30
1 EDB exploit
NA
CVE-2006-3964
PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg_root parameter.
Banex Banex 2.21
1 EDB exploit
NA
CVE-2006-3972
Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote malicious users to read arbitrary files via a .. (dot dot) in the chatid parameter.
Scott Weedon Ajax Chat 0.1
1 EDB exploit
NA
CVE-2006-4102
PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin 0.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the conf[classpath] parameter.
Falko Timme And Till Brehm Sqlitewebadmin
1 EDB exploit
NA
CVE-2006-4607
admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote malicious users to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.
Longino Jacome Php-revista 1.1.2
1 EDB exploit
NA
CVE-2006-4608
Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.
Longino Jacome Php-revista 1.1.2
1 EDB exploit
NA
CVE-2006-4605
PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote malicious users to execute arbitrary PHP code via the adodb parameter.
Longino Jacome Php-revista 1.1.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »