securitylab.ir vulnerabilities and exploits
NA
CVE-2009-2238
Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a di...
Dmxready Registration Manager 1.1
1 EDB exploit
NA
CVE-2009-2558
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote malicious users to post news messages via a direct request.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-1446
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of...
Elkagroup Image Gallery 1.0
1 EDB exploit
NA
CVE-2009-1622
SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote malicious users to execute arbitrary SQL commands via the order_sn parameter in an order_query action.
Ecshop Ecshop 2.5.0
1 EDB exploit
NA
CVE-2009-1818
SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via an m_username cookie in an add action.
Maxcms Maxcms 2.0
1 EDB exploit
NA
CVE-2009-4470
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the groupboardid parameter.
Dvbbs Dvbbs 2.0
1 EDB exploit
NA
CVE-2009-2557
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the fichier parameter.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-1764
SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a digg action.
Bokecc Maxcms 2.0
1 EDB exploit
NA
CVE-2009-3124
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote malicious users to read arbitrary files via a .. (dot dot) in the tf parameter.
Ipmotor Quarkmail -
1 EDB exploit
NA
CVE-2009-3173
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Theratstudios The Rat Cms 2
1 EDB exploit