Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
NA
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
NA
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
NA
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
NA
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
NA
CVE-2007-0904
SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter to index.php.
Lightro Lightro Cms 1.0
1 EDB exploit
NA
CVE-2006-2696
Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp.
Easy-content Forums Easy-content Forums 1.0
1 EDB exploit
NA
CVE-2007-1979
SQL injection vulnerability in index.php in the PopnupBlog 2.52 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the postid parameter, possibly involving the get_blogid_from_postid function in class/PopnupBlogUtils.php. NO...
Xoops Xoops Popnupblog
1 EDB exploit
NA
CVE-2006-2638
SQL injection vulnerability in member.asp in qjForum allows remote malicious users to execute arbitrary SQL commands via the uName parameter.
Qjstudios Qjforum
1 EDB exploit
NA
CVE-2007-1960
SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Xoops Rha7 Downloads Module 1.0
Xoops Rha7 Downloads Module 1.10
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »