Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4757
Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: some of these details are obtained from thi...
Evils-world Ew-musicplayer 0.8
1 EDB exploit
NA
CVE-2009-4759
Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .BMX file.
Joric Bmxplay 0.4.4b
1 EDB exploit
NA
CVE-2009-4792
SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote malicious users to execute arbitrary SQL commands via the memid parameter to members.php.
Karl Core Bandsite Cms 1.1.4
1 EDB exploit
NA
CVE-2009-4793
Unrestricted file upload vulnerability in adminpanel/scripts/addphotos.php in BandSite CMS 1.1.4 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension via an addphotos action to adminpanel/index.php, and then acc...
Karl Core Bandsite Cms 1.1.4
1 EDB exploit
NA
CVE-2009-4209
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
Mozilo Mozilocms 1.11.1
1 EDB exploit
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-1248
Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/.
Acutecp Acute Control Panel 1.0.0
1 EDB exploit
NA
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
NA
CVE-2009-1369
moziloCMS 1.11 allows remote malicious users to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1406
Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the include parameter.
Sweetphp Totalcalendar 2.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »