Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mark stanislav vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2010-4313
Unrestricted file upload vulnerability in fileman_file_upload.php in Orbis CMS 1.0.2 allows remote authenticated users to execute arbitrary code by uploading a .php file, and then accessing it via a direct request to the file in uploads/.
Novo-ws Orbis Cms 1.0.2
1 EDB exploit
685
VMScore
CVE-2010-4330
Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic prior to 1.2.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter to index.php.
Pulsecms Pulse Cms 1.2.1
Pulsecms Pulse Cms 1.2.5
Pulsecms Pulse Cms 1.0
Pulsecms Pulse Cms 1.2.6
Pulsecms Pulse Cms 1.18
Pulsecms Pulse Cms 1.2
Pulsecms Pulse Cms 1.2.4
Pulsecms Pulse Cms 1.2.3
Pulsecms Pulse Cms 1.2.2
Pulsecms Pulse Cms 1.15
Pulsecms Pulse Cms 1.01
Pulsecms Pulse Cms
Pulsecms Pulse Cms 1.17
Pulsecms Pulse Cms 1.16
Pulsecms Pulse Cms 1.1
Pulsecms Pulse Cms 1.2.7
1 EDB exploit
435
VMScore
CVE-2010-4331
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) default_news or (2) sponsors cookies, which are not properly handled by (a) controllers/index.ctrl.php or (b) controllers/setting...
Seopanel Seopanel 2.2.0
1 EDB exploit
755
VMScore
CVE-2010-4332
Pointter PHP Content Management System 1.0 allows remote malicious users to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
Pangramsoft Pointter Php Content Management System 1.0
1 EDB exploit
755
VMScore
CVE-2010-4333
Pointter PHP Micro-Blogging Social Network 1.8 allows remote malicious users to bypass authentication and obtain administrative privileges via arbitrary values of the auser and apass cookies.
Pangramsoft Pointter Php Micro-blogging Social Network 1.8
1 EDB exploit
755
VMScore
CVE-2012-5469
The Portable phpMyAdmin plugin prior to 1.3.1 for WordPress allows remote malicious users to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
Phpmyadmin Phpmyadmin 1.0.0
Phpmyadmin Phpmyadmin 1.0.1
Phpmyadmin Phpmyadmin 1.0.2
Phpmyadmin Phpmyadmin 1.0.3
Phpmyadmin Phpmyadmin 1.0.4
Phpmyadmin Phpmyadmin 1.0.5
Phpmyadmin Phpmyadmin 1.0.6
Phpmyadmin Phpmyadmin 1.0.7
Phpmyadmin Phpmyadmin 1.0.8
Phpmyadmin Phpmyadmin 1.1
Phpmyadmin Phpmyadmin 1.2
Phpmyadmin Phpmyadmin 1.2.1
Phpmyadmin Phpmyadmin 1.2.2
Phpmyadmin Phpmyadmin 1.2.3
Phpmyadmin Phpmyadmin 1.2.4
Phpmyadmin Phpmyadmin 1.2.5
Phpmyadmin Phpmyadmin 1.2.6
Phpmyadmin Phpmyadmin 1.2.7
Phpmyadmin Phpmyadmin 1.2.8
Phpmyadmin Phpmyadmin 1.2.9
Phpmyadmin Phpmyadmin 1.2.9.1
Phpmyadmin Phpmyadmin 1.2.9.2
1 EDB exploit
755
VMScore
CVE-2011-1546
Multiple SQL injection vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) prior to 0.95.3 allow remote malicious users to execute arbitrary SQL commands via the s parameter to (1) a_viewusers.php or (2) keysearch.php; and allow remote authenticated administrators to execut...
Aphpkb Aphpkb 0.93.9
Aphpkb Aphpkb 0.86
Aphpkb Aphpkb 0.92.1
Aphpkb Aphpkb 0.45
Aphpkb Aphpkb 0.94.3
Aphpkb Aphpkb 0.92.3
Aphpkb Aphpkb 0.87
Aphpkb Aphpkb 0.361
Aphpkb Aphpkb 0.3
Aphpkb Aphpkb 0.93.8
Aphpkb Aphpkb 0.94.8
Aphpkb Aphpkb 0.74
Aphpkb Aphpkb 0.56
Aphpkb Aphpkb 0.88.5
Aphpkb Aphpkb 0.65
Aphpkb Aphpkb 0.79
Aphpkb Aphpkb 0.93.3
Aphpkb Aphpkb 0.59
Aphpkb Aphpkb 0.4
Aphpkb Aphpkb 0.95
Aphpkb Aphpkb 0.54
Aphpkb Aphpkb 0.1
1 EDB exploit
1000
VMScore
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
505
VMScore
CVE-2012-1670
admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.
Phpgradebook Php Grade Book
Phpgradebook Php Grade Book 1.9.3
1 EDB exploit
755
VMScore
CVE-2010-4006
Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x prior to 5.0.81, 5.1.x prior to 5.1.51, and 6.0.x prior to 6.0.1 allow remote malicious users to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
Wsnlinks Wsn Links 5.0.72
Wsnlinks Wsn Links 5.0.58
Wsnlinks Wsn Links 5.0.25
Wsnlinks Wsn Links 5.0.34
Wsnlinks Wsn Links 5.0.70
Wsn Wsn Links 5.1.38
Wsn Wsn Links 5.1.4
Wsn Links 5.1.25
Wsnlinks Wsn Links 5.0.51
Wsnlinks Wsn Links 5.0.49
Wsn Wsn Links 5.1.48
Wsn Wsn Links 5.1.45
Wsnlinks Wsn Links 5.0.13
Wsn Wsn Links 5.1.14
Wsnlinks Wsn Links 5.0.11
Wsn Wsn Links 5.1.37
Wsnlinks Wsn Links 5.0.77
Wsn Links 5.1.34
Wsnlinks Wsn Links 5.0.44
Wsnlinks Wsn Links 5.0.31
Wsn Wsn Links 5.1.35
Wsnlinks Wsn Links 5.0.21
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »