Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

snoopy project snoopy vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2002-2444
Snoopy prior to 2.0.0 has a security hole in exec cURL
Snoopy Project Snoopy 2.0.0-1
NA
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project SnoopyDebian Debian Linux 4.0Debian Debian Linux 5.0Nagios NagiosWordpress Wordpress
NA
CVE-2009-0502
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 prior to 1.6.9, 1.7 prior to 1.7.7, 1.8 prior to 1.8.8, and 1.9 prior to 1.9.4, allows remote malicious users to inject arbitrary web script or HTML via an HTML block, wh...
Snoopy Snoopy 1.2.3Moodle Moodle 1.7.4Moodle Moodle 1.7.5Moodle Moodle 1.8.5Moodle Moodle 1.9.2Moodle Moodle 1.7.0Moodle Moodle 1.7.1Moodle Moodle 1.8.2Moodle Moodle 1.8.3Moodle Moodle 1.8.7Moodle Moodle 1.9.3Moodle Moodle 1.7.2Moodle Moodle 1.7.3Moodle Moodle 1.8.4Moodle Moodle 1.8.6Moodle Moodle 1.7.6Moodle Moodle 1.8.1Moodle Moodle 1.9.1
NA
CVE-2008-1502
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare prior to 1.4.003, Moodle prior to 1.8.5, and other products, allows remote malicious users to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string contai...
Moodle Moodle 1.8.1Moodle Moodle 1.6.7Moodle Moodle 1.5.0Moodle Moodle 1.5.3Moodle Moodle 1.4.2Moodle Moodle 1.4.1Moodle Moodle 1.2.0Moodle Moodle 1.1.1Moodle MoodleMoodle Moodle 1.7.4Moodle Moodle 1.7.3Moodle Moodle 1.6.4Moodle Moodle 1.6.3Moodle Moodle 1.6.2Moodle Moodle 1.5Moodle Moodle 1.4.5Moodle Moodle 1.3.2Moodle Moodle 1.3.1Egroupware Egroupware 1.0.3Egroupware Egroupware 1.0.1Moodle Moodle 1.7.6Moodle Moodle 1.7.5
NA
CVE-2008-6762
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
Wordpress Wordpress 2.6
NA
CVE-2008-6767
wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to upgrade the application, and possibly cause a denial of service (application outage), via a direct request.
Wordpress Wordpress 2.6
NA
CVE-2009-2851
Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress prior to 2.8.2 allows remote malicious users to inject arbitrary web script or HTML via a comment author URL.
Wordpress Wordpress
NA
CVE-2008-4769
Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and previous versions, and 2.5, allows remote malicious users to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of ...
Wordpress Wordpress 1.2-deltaWordpress Wordpress 2.1.3Wordpress Wordpress 1.0.1-milesWordpress Wordpress 1.5-strayhornWordpress Wordpress 1.5.1.2Wordpress Wordpress 1.5.1.3Wordpress Wordpress 2.0.2Wordpress Wordpress 2.0.3Wordpress Wordpress 2.0.4Wordpress Wordpress 2.3Wordpress Wordpress 1.2Wordpress Wordpress 2.2 Revision5003Wordpress Wordpress 2.2.2Wordpress Wordpress 1.0Wordpress Wordpress 1.0.1Wordpress Wordpress 0.7Wordpress Wordpress 0.72Wordpress Wordpress 1.4Wordpress Wordpress 1.2-mingusWordpress Wordpress 2.2 Revision5002Wordpress Wordpress 1.0.2-blakeyWordpress Wordpress 1.5.1.1
NA
CVE-2008-5113
WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which makes it easier for remote malicious users to conduct delayed and persistent cross-site request forgery (CSRF) attacks via crafted cookies, as demonstrated by attacks that (1) delete us...
Wordpress Wordpress 2.6.3
NA
CVE-2008-4810
The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote malicious users to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka "php executed in templates;" and (2) a doub...
Smarty Smarty 2.6.0Smarty Smarty 2.4.0Smarty Smarty 2.3.1Smarty Smarty 1.5.1Smarty Smarty 1.5.0Smarty Smarty 1.4.0Smarty Smarty 1.2.0Smarty Smarty 1.1.0Smarty Smarty 1.0bSmarty Smarty 2.6.7Smarty Smarty 2.6.9Smarty Smarty 2.6.11Smarty Smarty 2.6.12Smarty Smarty 2.5.0Smarty Smarty 2.3.0Smarty Smarty 2.2.0Smarty Smarty 2.1.1Smarty Smarty 1.4.6Smarty Smarty 1.4.5Smarty Smarty 1.3.2Smarty Smarty 1.0aSmarty Smarty 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook