Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aliaksandr hartsuyeu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0310
Cross-site scripting (XSS) vulnerability in aoblogger 2.3 allows remote malicious users to inject arbitrary Javascript via a javascript URI in the BBcode url tag.
Mike Helton Aoblogger 2.3
1 EDB exploit
NA
CVE-2006-0345
Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote malicious users to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058.
Saral Kaushik Saralblog 1.0
1 EDB exploit
NA
CVE-2006-0417
SQL injection vulnerability in login.php in miniBloggie 1.0 and previous versions, when gpc_magic_quotes is disabled, allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.
Mywebland Minibloggie
1 EDB exploit
NA
CVE-2006-0443
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment.
Cheesyblog Cheesyblog 1.0
1 EDB exploit
NA
CVE-2006-0462
SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote malicious users to execute arbitrary SQL commands via the entrada parameter.
Andonet Andonet Blog 2004.09.02
1 EDB exploit
NA
CVE-2006-0473
Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote malicious users to inject arbitrary Javascript via a javascript URI in BBcode link tags.
My Little Homepage My Little Weblog 2004-04-20
1 EDB exploit
NA
CVE-2010-4783
Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) siteurl and (2) urlbanner parameters.
Phpwebscripts Easy Banner Free 2009.05.18
1 EDB exploit
NA
CVE-2010-4784
Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Phpwebscripts Easy Banner Free 2009.05.18
1 EDB exploit
NA
CVE-2011-1060
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote malicious users to execute arbitrary SQL commands via the wsnuser cookie to index.php.
Webmastersite Wsn Guest 1.24
1 EDB exploit
NA
CVE-2006-1234
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header.
Dsportal Dscounter 1.2
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »