Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joseph.giron13 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4047
geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote malicious users to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request w...
Geoblog Geoblog 1
2 EDB exploits
NA
CVE-2007-3889
Multiple SQL injection vulnerabilities in Insanely Simple Blog 0.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the current_subsection parameter to index.php and other unspecified vectors.
Insanely Simple Blog Insanely Simple Blog
1 EDB exploit
NA
CVE-2007-6032
SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote malicious users to execute arbitrary SQL commands via the mode parameter.
Aleris Web Publishing Server 3.0
1 EDB exploit
NA
CVE-2007-5915
Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the whattodo parameter.
Phphelpdesk Phphelpdesk 0.6.16
1 EDB exploit
NA
CVE-2008-6875
SQL injection vulnerability in default.asp in ASP Product Catalog allows remote malicious users to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-5220.
Humayun Shabbir Bhutta Asp Product Catalog 1.0
1 EDB exploit
NA
CVE-2007-3888
Multiple cross-site scripting (XSS) vulnerabilities in Insanely Simple Blog 0.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the search action, possibly related to the term parameter to index.php; or (2) an anonymous blog entry...
Insanely Simple Blog Insanely Simple Blog
1 EDB exploit
NA
CVE-2007-4359
Multiple SQL injection vulnerabilities in SkilMatch Staffing Systems JobLister3 allow remote malicious users to execute arbitrary SQL commands via (1) the search form or (2) the jobid parameter to index.php in a showbyID action.
Skilmatch Staffing Systems Joblister3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started