Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aliaksandr hartsuyeu vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-0167
SQL injection vulnerability in MyPhPim 01.05 allows remote malicious users to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page.
Myphpim Myphpim 01.05
2 EDB exploits
6.4
CVSSv2
CVE-2006-1334
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
Maian Script World Maian Weblog
2 EDB exploits
5.1
CVSSv2
CVE-2006-1569
Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.
Redcms Redcms 0.1
2 EDB exploits
7.5
CVSSv2
CVE-2006-4504
SQL injection vulnerability in NX5Linx 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c and (2) l parameters.
Nx5 Nx5linx 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-4505
CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a CRLF sequence in the url parameter.
Nx5 Nx5linx 1.0
1 EDB exploit
5
CVSSv2
CVE-2006-0877
Cross-site scripting vulnerability in Easy Forum 2.5 allows remote malicious users to inject arbitrary web script or HTML via the image variable.
Easy Forum Easy Forum 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2006-0775
Multiple SQL injection vulnerabilities in show.php in BirthSys 3.1 allow remote malicious users to execute arbitrary SQL commands via the $month variable. NOTE: a vector regarding the $date parameter and data.php (date.php) was originally reported, but this appears to be in error...
Ridder Roeland Birthsys 3.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-0542
Multiple SQL injection vulnerabilities in config.php in NukedWeb GuestBookHost 2005.04.25 allow remote malicious users to execute arbitrary SQL commands via the (1) email and (2) password parameters.
Nukedweb Guestbookhost 2005-04-25
7.5
CVSSv2
CVE-2006-1543
Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) loginvar parameter in (a) admin/admin.php, and the (2) news and (3) nom parameters in (b) news.php.
Vscripts Vnews 1.2
1 EDB exploit
5.1
CVSSv2
CVE-2006-1238
SQL injection vulnerability in DSLogin 1.0, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the $log_userid variable in (1) index.php and (2) admin/index.php.
Dsportal Dslogin 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »