Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
att4ckxt3rr0r1st vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1219
Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote malicious users to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information.
Com Janews Com Janews 1.0
1 EDB exploit
NA
CVE-2014-5112
maint/modules/home/index.php in Fonality trixbox allows remote malicious users to execute arbitrary commands via shell metacharacters in the lang parameter.
Netfortris Trixbox -
1 EDB exploit
NA
CVE-2010-1056
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component prior to 1.0.1 for Joomla! allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
Rockettheme Com Rokdownloads 1.0
Rockettheme Com Rokdownloads 0.93
Rockettheme Com Rokdownloads 0.92
Rockettheme Com Rokdownloads 0.97
Rockettheme Com Rokdownloads 0.91
Rockettheme Com Rokdownloads
Rockettheme Com Rokdownloads 0.98
Rockettheme Com Rokdownloads 0.95
Rockettheme Com Rokdownloads 0.96
Rockettheme Com Rokdownloads 0.94
1 EDB exploit
NA
CVE-2014-10023
Multiple SQL injection vulnerabilities in TopicsViewer 3.0 Beta 1 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) edit_block.php, (2) edit_cat.php, (3) edit_note.php, or (4) rmv_topic.php in admincp/.
Topicsviewer Topicsviewer 3.0
1 EDB exploit
NA
CVE-2013-4953
SQL injection vulnerability in play.php in Top Games Script 1.2 allows remote malicious users to execute arbitrary SQL commands via the gid parameter.
Topgames Top Games Script 1.2
1 EDB exploit
NA
CVE-2014-3935
SQL injection vulnerability in glossaire-aff.php in the Glossaire module 1.0 for XOOPS allows remote malicious users to execute arbitrary SQL commands via the lettre parameter.
Xoops Glossaire Module 1.0
1 EDB exploit
NA
CVE-2010-0764
SQL injection vulnerability in index.php in KuwaitPHP eSmile allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a show action.
Kuwaitphp Esmile
1 EDB exploit
NA
CVE-2007-3519
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Wesmo Phpeventcalendar
2 EDB exploits
5.8
CVSSv3
CVE-2010-0467
Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
Chillcreations Com Ccnewsletter 1.0.5
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2