Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k1tk4t vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5300
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some...
Wzdftpd Wzdftpd 0.8.0
Wzdftpd Wzdftpd 0.8.2
1 EDB exploit
NA
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote malicious users to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the ...
Redline Software Lanai Cms 1.2.14
4 EDB exploits
NA
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action...
Freewebshop Freewebshop 2.2.1
2 EDB exploits
NA
CVE-2006-6634
Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and previous versions component for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events.php, (2) the ...
Mambo Extcalthai Module
2 EDB exploits
NA
CVE-2007-4253
SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263.
Envolution Envolution
1 EDB exploit
NA
CVE-2007-4714
SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Yvora Yvora 1.0
1 EDB exploit
NA
CVE-2007-4736
SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Cartkeeper Ckgold Shopping Cart 2.0
1 EDB exploit
NA
CVE-2007-4804
Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote malicious users to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may ...
Auracms Auracms 1.5 Rc
1 EDB exploit
NA
CVE-2007-4808
Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir act...
Tlm Cms Tlm Cms 3.2
Tlm Cms Tlm Cms 1.1
1 EDB exploit
NA
CVE-2007-4846
SQL injection vulnerability in start.php in Webace-Linkscript (wls) 1.3 Special Edition (SE) allows remote malicious users to execute arbitrary SQL commands via the id parameter in a rubrik go action.
Webace Webace-linkscript 1.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »