Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beyazkurt vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1445
SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 up to and including 7.0.2 allows remote malicious users to execute arbitrary SQL commands via the layout parameter.
Betaparticle Betaparticle Blog 7.0
Betaparticle Betaparticle Blog
1 EDB exploit
6.8
CVSSv2
CVE-2007-2303
Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
News Manager Deluxe News Manager Deluxe 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6782
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Hosting Directory
1 EDB exploit
7.5
CVSSv2
CVE-2008-6783
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Home Business Directory
1 EDB exploit
7.5
CVSSv2
CVE-2007-1932
Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.
Scar4u Scarnews 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6118
win/content/upload.php in Goople CMS 1.7 allows remote malicious users to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
Goople Cms Goople Cms 1.7
2 EDB exploits
7.5
CVSSv2
CVE-2008-6781
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Gaming Directory
2 EDB exploits
7.5
CVSSv2
CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Phlatline Personal Information Manager
3 EDB exploits
4.3
CVSSv2
CVE-2008-4426
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the date parameter in a new action.
Phlatline Personal Information Manager 1.0
3 EDB exploits
10
CVSSv2
CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-l...
Phlatline Personal Information Manager
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »