Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria-security team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6091
Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and possibly JiRo's Upload Manager (aka JiRo's Upload System or JUS), allow remote malicious users to execute arbitrary SQL commands via the (1) Username (aka Login or Emai...
Jiro Banner System 2.0
1 EDB exploit
NA
CVE-2007-5679
SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote malicious users to execute arbitrary SQL commands via the id parameter in the media page (build_media_content.php). NOTE: it was later reported that 0.7.4 is also affected.
Deeemm Dmcms 0.7.0
Deeemm Dmcms 0.7.4
1 EDB exploit
NA
CVE-2007-5625
Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 allows remote malicious users to inject arbitrary web script or HTML via the QUERY parameter.
Simongibson Asp Site Search Searchsimon Lite 1.0
1 EDB exploit
NA
CVE-2007-4208
SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote malicious users to execute arbitrary SQL commands via the (1) Users_Email or (2) Users_Password parameter in an ExecuteTheLogin action.
Morgan Ids Next Gen Portfolio Manager
1 EDB exploit
NA
CVE-2007-4106
SQL injection vulnerability in login.asp in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Pay Roll - Time Sheet
Codewidgets Punch Card
1 EDB exploit
NA
CVE-2007-4109
SQL injection vulnerability in sign_in.aspx in WebStore (Online Store Application Template) allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Online Event Registration Template
1 EDB exploit
NA
CVE-2007-4110
SQL injection vulnerability in sign_in.aspx in Message Board / Threaded Discussion Forum Application Template allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Threaded Discussion Forum Application
1 EDB exploit
NA
CVE-2007-4111
SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote malicious users to execute arbitrary SQL commands via the Password parameter.
Codewidgets Real Estate Listing Website Application Template
1 EDB exploit
NA
CVE-2007-4115
Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote malicious users to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.
Itcms Itcms 0.2
3 EDB exploits
NA
CVE-2007-4095
SQL injection vulnerability in BSM Store Dependent Forums 1.02 allows remote malicious users to execute arbitrary SQL commands via a Username field in an unspecified component, probably the FrmUserName parameter in login.asp.
Bsm Store Dependent Forums 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »