Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ka0x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0329
LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.php, and (3) comment_refuser.php in Admin/, which allows remote malicious users to accept comments, delete comments, and delete articles via the id parameter.
Julien Plesniak Lulieblog 1.0.1
Julien Plesniak Lulieblog 1.0.2
1 EDB exploit
NA
CVE-2008-0601
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
All Club Cms All Club Cms
1 EDB exploit
NA
CVE-2007-6128
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote malicious users to execute arbitrary SQL commands via the idevent parameter.
Flor De Utopia Workingonweb 2.0.1400
1 EDB exploit
NA
CVE-2008-4145
SQL injection vulnerability in user_read_links.php in Addalink 1.0 beta 4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Addalink Addalink
1 EDB exploit
NA
CVE-2009-4561
Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Worms-league Webleague 2.2.0
1 EDB exploit
NA
CVE-2008-0262
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote malicious users to execute arbitrary SQL commands via the articlecat parameter.
Agares Media Phpautovideo 2.21
2 EDB exploits
NA
CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote malicious users to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as...
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
2 EDB exploits
NA
CVE-2008-5778
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote malicious users to execute arbitrary SQL commands via the linkid parameter.
Flds Script Flds 1.2a
2 EDB exploits
NA
CVE-2008-3152
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote malicious users to execute arbitrary SQL commands via the idDirectory parameter.
Orbitscripts Smartppc Pro
Orbitscripts Smartppc
2 EDB exploits
NA
CVE-2008-4244
Rianxosencabos CMS 0.9 allows remote malicious users to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
Rianxosencabos Cms Rianxosencabos Cms 0.9
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2