Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3388
Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote malicious users to execute arbitrary SQL commands via the article parameter to (1) comaddok.php and (2) comlook.php.
Easy-script Def Blog 1.0.3
2 EDB exploits
7.5
CVSSv2
CVE-2008-3034
Multiple SQL injection vulnerabilities in RSS-aggregator 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) IdFlux parameter to admin/fonctions/supprimer_flux.php and the (2) IdTag parameter to admin/fonctions/supprimer_tag.php.
Rss Aggregator Rss Aggregator 1.0
2 EDB exploits
4.3
CVSSv2
CVE-2008-6700
Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) mytable parameter to view.php, (2) mytable parameter to viewdb2.php, (3) tablehere parameter to category-rename.php, an...
Butterflymedia Butterfly Organizer 2.0.0
1 EDB exploit
5.8
CVSSv2
CVE-2008-6735
Directory traversal vulnerability in qc/index.php in ThaiQuickCart 3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the sLanguage cookie.
Thaiquickcart Thaiquickcart 3
1 EDB exploit
7.5
CVSSv2
CVE-2008-2875
SQL injection vulnerability in index.php in Webdevindo-CMS 1.0.0 allows remote malicious users to execute arbitrary SQL commands via the hal parameter.
Webdevindo-cms Webdevindo-cms 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-3026
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Oneclick Cms Oneclick Cms 2008-01-24
1 EDB exploit
7.5
CVSSv2
CVE-2008-3027
SQL injection vulnerability in get_article.php in VanGogh Web CMS 0.9 allows remote malicious users to execute arbitrary SQL commands via the article_ID parameter to index.php.
Vangogh Web Cms Vangogh Web Cms 0.9
1 EDB exploit
6.8
CVSSv2
CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Myblog Myblog
1 EDB exploit
7.5
CVSSv2
CVE-2008-2993
Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the...
Fog Fog Forum 0.8.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-3178
Unrestricted file upload vulnerability in upload_pictures.php in WebXell Editor 0.1.3 allows remote malicious users to execute arbitrary code by uploading a .php file with a jpeg content type, then accessing it via a direct request to the file in upload/.
Webxell Webxell Editor 0.1.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »