Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injector5 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-7116
SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote malicious users to execute arbitrary SQL commands via the username.
Webidsupport Webid 0.5.4
1 EDB exploit
855
VMScore
CVE-2008-6367
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.
Socialgroupie Social Groupie -
1 EDB exploit
755
VMScore
CVE-2008-6003
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote malicious users to execute arbitrary SQL commands via the seller_id parameter.
Aj Square Aj Auction 2.0
1 EDB exploit
435
VMScore
CVE-2008-6004
Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote malicious users to inject arbitrary web script or HTML via the product parameter.
Aj Square Aj Auction 2.0
1 EDB exploit
755
VMScore
CVE-2008-6050
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the item parameter to index.php.
Ircmaxell Tech Article 1.0.1
1 EDB exploit
755
VMScore
CVE-2008-6484
SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote malicious users to execute arbitrary SQL commands via the user field.
Mole-group Taxi Calc Dist Script -
1 EDB exploit
755
VMScore
CVE-2008-2124
SQL injection vulnerability in modules/print.asp in fipsASP fipsCMS allows remote malicious users to execute arbitrary SQL commands via the lg parameter.
Fipsasp Fipscms 2.1
1 EDB exploit
685
VMScore
CVE-2008-2180
Multiple SQL injection vulnerabilities in cpLinks 1.03, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) admin_username parameter (aka the username field) to admin/index.php and the (2) search_text and (3) search_catego...
Cplinks Cplinks 1.03
1 EDB exploit
435
VMScore
CVE-2008-2181
Multiple cross-site scripting (XSS) vulnerabilities in search.php in cpLinks 1.03 allow remote malicious users to inject arbitrary web script or HTML via the (1) search_text and (2) search_category parameters. NOTE: the XSS reportedly occurs in a forced SQL error message. NOTE: s...
Cplinks Cplinks 1.03
1 EDB exploit
605
VMScore
CVE-2008-7021
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unsp...
Availscript Jobs Portal Script -
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »