Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ka0x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6128
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote malicious users to execute arbitrary SQL commands via the idevent parameter.
Flor De Utopia Workingonweb 2.0.1400
1 EDB exploit
NA
CVE-2009-4561
Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Worms-league Webleague 2.2.0
1 EDB exploit
NA
CVE-2008-0254
SQL injection vulnerability in activate.php in TutorialCMS (aka Photoshop Tutorials) 1.02, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the userName parameter.
Wavelink Media Tutorialcms 1.02
1 EDB exploit
NA
CVE-2008-0329
LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) article_suppr.php, (2) comment_accepter.php, and (3) comment_refuser.php in Admin/, which allows remote malicious users to accept comments, delete comments, and delete articles via the id parameter.
Julien Plesniak Lulieblog 1.0.1
Julien Plesniak Lulieblog 1.0.2
1 EDB exploit
NA
CVE-2008-0219
SQL injection vulnerability in soporte_horizontal_w.php in PHP Webquest 2.6 allows remote malicious users to execute arbitrary SQL commands via the id_actividad parameter, a different vector than CVE-2007-4920.
Php Webquest Php Webquest 2.6
1 EDB exploit
NA
CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote malicious users to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as...
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
2 EDB exploits
NA
CVE-2008-3152
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote malicious users to execute arbitrary SQL commands via the idDirectory parameter.
Orbitscripts Smartppc Pro
Orbitscripts Smartppc
2 EDB exploits
NA
CVE-2008-4244
Rianxosencabos CMS 0.9 allows remote malicious users to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
Rianxosencabos Cms Rianxosencabos Cms 0.9
2 EDB exploits
NA
CVE-2008-5778
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote malicious users to execute arbitrary SQL commands via the linkid parameter.
Flds Script Flds 1.2a
2 EDB exploits
NA
CVE-2008-0262
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote malicious users to execute arbitrary SQL commands via the articlecat parameter.
Agares Media Phpautovideo 2.21
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2