Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ka0x vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5123
SQL injection vulnerability in notas.asp in Novus 1.0 allows remote malicious users to execute arbitrary SQL commands via the nota_id parameter.
Solidweb Novus 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-0839
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Astats Astatspro 1.0
Joomla Com Astatspro 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1122
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote malicious users to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authe...
Microsoft Internet Information Services 5.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-4561
Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Worms-league Webleague 2.2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6014
SQL injection vulnerability in scripts/links.php in Rianxosencabos CMS 0.9 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Rianxosencabos Cms Rianxosencabos Cms 0.9
1 EDB exploit
7.5
CVSSv2
CVE-2008-0601
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
All Club Cms All Club Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-4134
PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and previous versions, and possibly other versions prior to 0.05, allows remote malicious users to execute arbitrary PHP code via a URL in the INC parameter.
Phprealty Phprealty 0.021
Phprealty Phprealty 0.022
Phprealty Phprealty
Phprealty Phprealty 0.023
1 EDB exploit
6.8
CVSSv2
CVE-2008-4145
SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Addalink Addalink
1 EDB exploit
7.5
CVSSv2
CVE-2008-0918
SQL injection vulnerability in includes/count_dl_or_link.inc.php in the astatsPRO (com_astatspro) 1.0.1 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to getfile.php, a different vector than CVE-2008-0839. NOTE: the prov...
Astats Astatspro 1.0.1
Joomla Com Astatspro 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-0219
SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote malicious users to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920.
Php Webquest Php Webquest 2.6
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »