Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4483
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the theme parameter.
Crux Software Gallery 1.31
Crux Software Gallery 1.30
Crux Software Gallery 1.0
Crux Software Gallery 1.2
Crux Software Gallery 1.1
Crux Software Gallery
Crux Software Gallery 1.32
1 EDB exploit
NA
CVE-2008-4603
SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote malicious users to execute arbitrary SQL commands via the keywords parameter in a search_games action.
Igaming Cms 2.0
1 EDB exploit
NA
CVE-2008-4675
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Phpcounter Phpcounter 1.3.1
Phpcounter Phpcounter 1.3.0
Phpcounter Phpcounter 1.2.1
Phpcounter Phpcounter 1.2.0
Phpcounter Phpcounter 1.2.5
Phpcounter Phpcounter 1.2.4
Phpcounter Phpcounter 1.2.3
Phpcounter Phpcounter 1.2.2
Phpcounter Phpcounter 1.2.7
Phpcounter Phpcounter 1.2.6
Phpcounter Phpcounter
1 EDB exploit
NA
CVE-2008-4701
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this informat...
Liberiacms Liberia Cms 1.00
Liberiacms Liberia Cms 1.11
Liberiacms Liberia Cms 1.10
Liberiacms Liberia Cms
1 EDB exploit
NA
CVE-2008-4887
SQL injection vulnerability in index.php in NetRisk 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third ...
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
NA
CVE-2008-6727
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and previous versions 2.x versions allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Myupb Upb 2.2.2
Myupb Upb 2.2.1
Myupb Upb 2.1.1b
Myupb Upb 2.0
1 EDB exploit
NA
CVE-2008-6078
SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a pms action to index.php.
Limbo Cms Com Privmsg
1 EDB exploit
NA
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
1 EDB exploit
NA
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
NA
CVE-2008-6290
Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the page_file parameter.
Niclor Include Sito -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »