Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4933
Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote malicious users to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from third party information.
Winterwebs Ezwebitor
1 EDB exploit
NA
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
NA
CVE-2008-6270
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL command via the user parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
NA
CVE-2008-6312
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2008-6327
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2013-7195
PHPFox 3.7.3 and 3.7.4 allows remote authenticated users to bypass intended "Only Me" restrictions and "like" a publication via a request that specifies the ID for the publication.
Phpfox Phpfox 3.7.4
Phpfox Phpfox 3.7.3
1 Github repository
NA
CVE-2005-3432
MiniGal 2 (MG2) 0.5.1 allows remote malicious users to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.
Thomas Rybak Minigal 2 0.5.1
Thomas Rybak Minigal 2 B13
1 EDB exploit
NA
CVE-2005-1149
SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters.
1 EDB exploit
NA
CVE-2009-2388
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote malicious users to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Shalwan Opial 1.0
1 EDB exploit
NA
CVE-2006-2116
planetGallery allows remote malicious users to gain administrator privileges via a direct request to admin/gallery_admin.php.
Planet Concept Planetgallery
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »