Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote malicious users to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
Turnkeyforms Web Hosting Directory -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6966
AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass authentication via a direct request to admin/user.php.
Aj Square Aj Auction 1.0
1 EDB exploit
6.4
CVSSv2
CVE-2008-7045
AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
Ajsquare Free Polling Script
1 EDB exploit
7.5
CVSSv2
CVE-2008-6349
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Turnkeyforms Business Survey Pro 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-6629
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Webbdomain Webshop Online 1.02
1 EDB exploit
7.5
CVSSv2
CVE-2009-4675
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote malicious users to change the admin password via an unspecified form submission.
Mole-group Gastro Portal \\(restaurant Directory\\) Script -
1 EDB exploit
6.4
CVSSv2
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a backup database via a direct request for admin/backup/db.
Alstrasoft Webhost Directory
1 EDB exploit
7.5
CVSSv2
CVE-2008-5037
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Elkagroup Image Gallery 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6227
SQL injection vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls allows remote malicious users to execute arbitrary SQL commands via the (1) sid and (2) cid parameters.
Preproject Pre Multi-vendor Shopping Malls -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6228
Pre Multi-Vendor Shopping Malls allows remote malicious users to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Preproject Pre Multi-vendor Shopping Malls -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »