Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyber-zone vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-6380
SQL injection vulnerability in default.aspx in Active Web Helpdesk 2.0 allows remote malicious users to execute arbitrary SQL commands via the CategoryID parameter.
Activewebsoftwares Active Web Helpdesk 2.0
1 EDB exploit
505
VMScore
CVE-2008-6387
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request to qtv.mdb.
Activewebsoftwares Quick Tree View .net 3.1
1 EDB exploit
755
VMScore
CVE-2008-6390
SQL injection vulnerability in login.asp in Ocean12 Membership Manager Pro allows remote malicious users to execute arbitrary SQL commands via the Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Ocean12tech Membership Manager Pro -
1 EDB exploit
505
VMScore
CVE-2008-6580
The Red_Reservations script for ColdFusion stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database via a direct request to (1) makered.mdb and (2) makered97.mdb.
Funscripts Red Reservations -
1 EDB exploit
755
VMScore
CVE-2008-6796
SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote malicious users to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).
Preprojects Pre Real Estate Listings
1 EDB exploit
935
VMScore
CVE-2009-1351
Heap-based buffer overflow in Apollo 37zz allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Heikki Ylinen Apollo 37zz
1 EDB exploit
755
VMScore
CVE-2008-5292
SQL injection vulnerability in view_snaps.php in VideoGirls BiZ allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Videogirls Videogirls Biz Nil
1 EDB exploit
755
VMScore
CVE-2008-6285
SQL injection vulnerability in index.php in PHP TV Portal 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the mid parameter.
Businessvein Php Tv Portal
1 EDB exploit
755
VMScore
CVE-2009-1746
SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote malicious users to execute arbitrary SQL commands via the id parameter in a detail action.
Diangemilang Dgnews 3.0 Beta
1 EDB exploit
755
VMScore
CVE-2008-6917
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote malicious users to execute arbitrary SQL commands via the username (user parameter).
Exoscripts Exophpdesk 1.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »