Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qabandi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2585
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote malicious users to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
Mlffat Mlffat 2.2
1 EDB exploit
NA
CVE-2009-2605
Multiple SQL injection vulnerabilities in adminquery.php in Traidnt Up 2.0 allow remote malicious users to execute arbitrary SQL commands via (1) trupuser and (2) truppassword cookies to uploadcp/index.php.
Traidnt Traidnt Up 2.0
1 EDB exploit
NA
CVE-2009-2922
Absolute path traversal vulnerability in pixaria.image.php in Pixaria Gallery 2.0.0 up to and including 2.3.5 allows remote malicious users to read arbitrary files via a base64-encoded file parameter.
Pixaria Pixaria Gallery 2.3.5
Pixaria Pixaria Gallery 2.0.0
1 EDB exploit
NA
CVE-2009-4673
SQL injection vulnerability in profile.php in Mole Group Adult Portal Script allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Mole-group Adult Portal Script -
1 EDB exploit
NA
CVE-2009-4725
Directory traversal vulnerability in modules/aljazeera/admin/setup.php in Arab Portal 2.2 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the...
Arabportal Arab Portal
1 EDB exploit
NA
CVE-2009-4734
SQL injection vulnerability in login.php in Allomani Movies Library (Movies & Clips) 2.7.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action.
Allomani Movies Library 2.7.0
1 EDB exploit
NA
CVE-2009-4735
SQL injection vulnerability in login.php in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a login action.
Allomani Audio \\& Video Library 2.7.0
1 EDB exploit
NA
CVE-2009-4206
SQL injection vulnerability in admin.link.modify.php in Million Dollar Text Links 1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cmsnx Million Dollar Text Links
1 EDB exploit
NA
CVE-2009-4987
admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote malicious users to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211.
Scripteen Free Image Hosting Script 2.3
1 EDB exploit
NA
CVE-2009-3358
SQL injection vulnerability in profile.php in Tourism Scripts Adult Portal escort listing allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Tourismscripts Adult Portal Escort Listing
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2