Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
preprojects vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6230
SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Preprojects Pre Podcast Portal -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6232
Pre Shopping Mall allows remote malicious users to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Preprojects Pre Shopping Mall -
2 EDB exploits
4.3
CVSSv2
CVE-2008-6715
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
Preprojects Pre Ads Portal
1 EDB exploit
7.5
CVSSv2
CVE-2008-6716
homeadmin/adminhome.php in Pre ADS Portal 2.0 and previous versions does not require administrative authentication, which allows remote malicious users to have an unspecified impact via a direct request.
Preprojects Pre Ads Portal
1 EDB exploit
7.5
CVSSv2
CVE-2008-2917
SQL injection vulnerability in productsofcat.asp in E-SMART CART allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Preprojects E-smart Cart
1 EDB exploit
5
CVSSv2
CVE-2008-6055
PreProjects Pre Classified Listings stores pclasp.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects Pre Classified Listings
7.5
CVSSv2
CVE-2008-2114
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote malicious users to execute arbitrary SQL commands via the search parameter.
Preprojects Pre Shopping Mall 1.1
1 EDB exploit
5
CVSSv2
CVE-2008-6052
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects Pre E-learning Portal
7.5
CVSSv2
CVE-2010-4776
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote malicious users to execute arbitrary SQL commands via the tid2 parameter.
Preprojects Pre Online Tests Generator
1 EDB exploit
7.5
CVSSv2
CVE-2008-6798
Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote malicious users to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).
Preprojects Pre Real Estate Listings
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »