Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2896
profile.php in FunkBoard CF0.71 allows remote malicious users to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
Funkboard Funkboard Cf0.71
1 EDB exploit
3 Github repositories
7.5
CVSSv2
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
7.5
CVSSv2
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
5
CVSSv2
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
7.5
CVSSv2
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
7.5
CVSSv2
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
10
CVSSv2
CVE-2006-2807
ASPwebSoft Speedy Asp Discussion Forum allows remote malicious users to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.
Aspwebsoft Speedy Asp Discussion Forum
1 EDB exploit
7.5
CVSSv2
CVE-2006-2847
SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote malicious users to execute arbitrary SQL commands via the linkID parameter.
Full Revolution Aspweblinks 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-1615
SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Jokes
1 EDB exploit
7.5
CVSSv2
CVE-2007-1617
SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Recipes
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »