Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
girex vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-1947
SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
Newsboard Unclassified Newsboard 1.6.4
1 EDB exploit
9.3
CVSSv2
CVE-2008-1860
Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and previous versions allows remote malicious users to inject arbitrary PHP code into includes/Config.php via the default parameter.
Lokicms Lokicms 0.3.1b1
Lokicms Lokicms 0.3.1b2
Lokicms Lokicms 0.3.2b1
Lokicms Lokicms
Lokicms Lokicms 0.2.0
Lokicms Lokicms 0.3.0
Lokicms Lokicms 0.1.0
Lokicms Lokicms 0.1.0rc1
1 EDB exploit
6.8
CVSSv2
CVE-2008-1911
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a cookpass cookie.
1024 Cms 1024 Cms 1.4.2
1 EDB exploit
4.3
CVSSv2
CVE-2008-2028
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote malicious users to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.
Minibb Minibb
1 EDB exploit
6.8
CVSSv2
CVE-2008-2029
Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote malicious users to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
Minibb Minibb
1 EDB exploit
7.5
CVSSv2
CVE-2008-6593
SQL injection vulnerability in LightNEasy/lightneasy.php in LightNEasy SQLite 1.2.2 and previous versions allows remote malicious users to inject arbitrary PHP code into comments.dat via the dlid parameter to index.php.
Lightneasy Lightneasy 1.2.2
Sqlite Sqlite 1.2.2
1 EDB exploit
7.8
CVSSv2
CVE-2009-1949
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Unclassified Newsboard 1.6.4
1 EDB exploit
5.1
CVSSv2
CVE-2009-1948
Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote malicious users to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filenam...
Unclassified Newsboard 1.6.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-3153
SQL injection vulnerability in Triton CMS Pro allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
Tritoncms Triton Cms Pro
1 EDB exploit
6.8
CVSSv2
CVE-2008-1553
Directory traversal vulnerability in mod.php in TopperMod 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the to parameter.
Topper Toppermod 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »