Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fuzion vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2009-0286
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
Opengoo Opengoo 1.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-0295
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Itlpoll Itpoll 2.7
1 EDB exploit
5
CVSSv2
CVE-2008-5856
Directory traversal vulnerability in scripts/export.php in ClaSS prior to 0.8.61 allows remote malicious users to read arbitrary files via directory traversal sequences in the ftype parameter.
Class Class
Class Class 0.8.59
Class Class 0.8.20
Class Class 0.8.14
Class Class 0.6.1
Class Class 0.6.0
Class Class 0.4
Class Class 0.8.32
Class Class 0.8.29
Class Class 0.8.26
Class Class 0.8
Class Class 0.8.0
Class Class 0.4.1
Class Class 0.4.0
Class Class 0.8.47
Class Class 0.8.40
Class Class 0.8.5
Class Class 0.5.0
Class Class 0.4.2
Class Class 0.8.56
Class Class 0.8.51
Class Class 0.8.10
1 EDB exploit
5.1
CVSSv2
CVE-2008-5859
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the show_page parameter.
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.02.2
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms
1 EDB exploit
4.3
CVSSv2
CVE-2008-5748
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote malicious users to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
Bloofox Bloofoxcms 0.3.4
1 EDB exploit
2.6
CVSSv2
CVE-2008-5847
Constructr CMS 3.02.5 and previous versions stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information by reading the hash column.
Constructr Constructr-cms 3.02.2
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.01.0
1 EDB exploit
5.1
CVSSv2
CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to create or read arbitrary files via directory traversal sequences in the ed...
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.02.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-5890
SQL injection vulnerability in feeds.php in Injader prior to 2.1.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Injader Injader 2.0.3
Injader Injader 2.0.2
Injader Injader 1.6.1
Injader Injader
Injader Injader 2.1.0
1 EDB exploit
6.5
CVSSv2
CVE-2009-0645
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
Jaws Jaws 0.8.8
1 EDB exploit
7.1
CVSSv2
CVE-2008-0729
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote malicious users to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-20...
Apple Mobile Safari
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »