Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tiger-dz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2604
Multiple SQL injection vulnerabilities in adminlogin.asp in Zen Help Desk 2.1 allow remote malicious users to execute arbitrary SQL commands via the (1) userid (aka username) and (2) PassWord parameters to admin.asp.
Zenhelpdesk Zen Help Desk 2.1
1 EDB exploit
NA
CVE-2009-3058
Stack-based buffer overflow in akPlayer 1.9.0 allows remote malicious users to execute arbitrary code via a long string in a .plt playlist file.
Aksoft Akplayer 1.9.0
1 EDB exploit
NA
CVE-2009-2602
R2 Newsletter Lite, Pro, and Stats stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for admin.mdb.
R2newsletter R2 Newsletter Stats
R2newsletter R2 Newsletter Lite
R2newsletter R2 Newsletter Pro
1 EDB exploit
NA
CVE-2009-2233
The admin interface in AWScripts.com Gallery Search Engine 1.5 allows remote malicious users to bypass authentication and gain administrative access by setting the awse_logged cookie to 1.
Awscripts Gallery Search Engine 1.5
1 EDB exploit
NA
CVE-2009-1767
admin/edituser.php in 2daybiz Template Monster Clone does not require administrative authentication, which allows remote malicious users to modify arbitrary accounts via the (1) loginname, (2) password, (3) email, (4) firstname, or (5) lastname parameter.
2daybiz Template Monster Clone -
1 EDB exploit
NA
CVE-2009-1638
Techno Dreams Job Career Package 3.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the JobCareerAdmin cookie to Login.
T-dreams Job Career Package 3.0
1 EDB exploit
NA
CVE-2009-1941
PAD Site Scripts 3.6 stores sensitive information under the web document root with insufficient access control, which allows remote malicious users to download the database and obtain sensitive information via a direct request for dbbackup.txt.
Phpeasycode Pad Site Scripts 3.6
1 EDB exploit
NA
CVE-2009-1610
admin/changepassword.php in Job Script Job Board Software 2.0 allows remote malicious users to change the administrator password and gain administrator privileges via a direct request.
Jobscript Job Script Job Board Software 2.0
1 EDB exploit
NA
CVE-2009-1662
Multiple SQL injection vulnerabilities in admin/login.php in Wright Way Services Recipe Script 5 allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) Password fields, as reachable from admin/index.php.
Recipescript Recipe Script 5
1 EDB exploit
NA
CVE-2009-1651
SQL injection vulnerability in admin/member_details.php in 2daybiz Business Community Script allows remote malicious users to execute arbitrary SQL commands via the mid parameter.
2daybiz Business Community Script
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »