Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
preprojects vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6230
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Preprojects Pre Podcast Portal -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6232
Pre Shopping Mall allows remote malicious users to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Preprojects Pre Shopping Mall -
2 EDB exploits
4.3
CVSSv2
CVE-2008-5976
Multiple cross-site scripting (XSS) vulnerabilities in siteadmin/forgot.php in PHP JOBWEBSITE PRO allow remote malicious users to inject arbitrary web script or HTML via (1) the adname parameter in a Submit action or (2) the UserName field.
Preprojects Php Jobwebsite Pro
1 EDB exploit
7.5
CVSSv2
CVE-2008-5977
SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote malicious users to execute arbitrary SQL commands via the adname parameter in a Submit action.
Preprojects Php Jobwebsite Pro
1 EDB exploit
5
CVSSv2
CVE-2008-6053
PreProjects Pre Resume Submitter stores onlineresume.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects Pre Resume Submitter
5
CVSSv2
CVE-2008-6055
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects Pre Classified Listings
4.3
CVSSv2
CVE-2010-1371
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote malicious users to inject arbitrary web script or HTML via the address parameter.
Preprojects Pre Classified Listings Asp
7.5
CVSSv2
CVE-2010-1369
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote malicious users to execute arbitrary SQL commands via the email parameter.
Preprojects Pre Classified Listings Asp
1 EDB exploit
7.5
CVSSv2
CVE-2010-1370
SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote malicious users to execute arbitrary SQL commands via the siteid parameter.
Preprojects Pre Classified Listings Asp
7.5
CVSSv2
CVE-2008-6887
SQL injection vulnerability in detailad.asp in Pre Classified Listings 1.0 allows remote malicious users to execute arbitrary SQL commands via the siteid parameter.
Preprojects Pre Classified Listings 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »