Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
girex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1947
SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
Newsboard Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1948
Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote malicious users to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filenam...
Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1949
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2008-6590
Multiple directory traversal vulnerabilities in LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php.
Lightneasy Lightneasy 1.2.2
Sqlite Sqlite 1.2.2
1 EDB exploit
NA
CVE-2008-6593
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and previous versions allows remote malicious users to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Lightneasy Lightneasy 1.2.2
Sqlite Sqlite 1.2.2
1 EDB exploit
NA
CVE-2008-6643
LokiCMS 0.3.4 and possibly earlier versions does not properly restrict access to administrative functions, which allows remote malicious users to bypass intended restrictions and modify configuration settings via the LokiACTION parameter in a direct request to admin.php.
Lokicms Lokicms 0.3.4
1 EDB exploit
NA
CVE-2008-2028
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote malicious users to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.
Minibb Minibb
1 EDB exploit
NA
CVE-2008-2029
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote malicious users to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
Minibb Minibb
1 EDB exploit
NA
CVE-2008-3416
SQL injection vulnerability in modules/members.php in IceBB prior to 1.0-rc9.3 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in...
Icebb Icebb 1.0
1 EDB exploit
NA
CVE-2010-4151
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006...
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »