Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-0739
SQL injection vulnerability in login.php in MyNews 0.10 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Mynews 0.10
1 EDB exploit
755
VMScore
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
1 EDB exploit
755
VMScore
CVE-2008-5880
admin/auth.php in Gobbl CMS 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "ok".
Gobbl Gobbl Cms 1.0
1 EDB exploit
685
VMScore
CVE-2008-6084
Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directo...
.matteoiammarrone Iamma Simple Gallery 2.0
.matteoiammarrone Iamma Simple Gallery 1.0
1 EDB exploit
755
VMScore
CVE-2009-0403
SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Chipmunk Scripts Chipmunk Blogger
1 EDB exploit
755
VMScore
CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 1.1
1 EDB exploit
505
VMScore
CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for extra/genbackup.php.
Phnews Phnews 1
1 EDB exploit
755
VMScore
CVE-2009-0399
Chipmunk Blogger Script allows remote malicious users to gain administrator privileges via a direct request to admin/reguser.php. NOTE: this is only a vulnerability when the administrator does not properly follow installation directions.
Chipmunk Scripts Chipmunk Blogger
1 EDB exploit
755
VMScore
CVE-2009-0479
Multiple SQL injection vulnerabilities in admin/admin_login.php in Online Grades 3.2.4 allow remote malicious users to execute arbitrary SQL commands via the (1) uname or (2) pword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
Onlinegrades Online Grades 3.2.4
1 EDB exploit
755
VMScore
CVE-2009-0722
Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.
Potato-scripts Potato News 1.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »