Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1025
PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PHPLinkAdmin 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Beerwin Phplinkadmin 1.0
1 EDB exploit
NA
CVE-2009-1247
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Acutecp.rediscussed Acutecp 1.0.0
1 EDB exploit
NA
CVE-2008-3923
Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-3924
The "Make a backup" functionality in Content Management Made Easy (CMME) 1.12 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover (1) account names and (2) password hashes via a direct request...
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-3925
Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) 1.12 allows remote malicious users to trigger the logout of an administrative user via a logout action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-3926
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the...
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-4346
Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371.
Talkback Talkback 2.3.6
Talkback Talkback 2.3.6.4
1 EDB exploit
NA
CVE-2009-3507
Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter.
Jean-michel Wyttenbach Cmsphp 0.21
1 EDB exploit
NA
CVE-2009-3716
Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2008-7056
BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote malicious users to obtain copies of the database via a direct request.
Grayscalecms Bandsite Cms 1.1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »