Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
NA
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) ...
Creasito Creasito E-commerce Content Manager 1.3.16
1 EDB exploit
NA
CVE-2009-3494
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name parameter in an update_category action, a...
Todor Lazarov T-htb Manager 0.5
1 EDB exploit
NA
CVE-2009-3664
Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2010-4937
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php.
Robitbt Com Amblog 1.0
1 EDB exploit
NA
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
NA
CVE-2010-2847
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id par...
Gonzalo Maser Com Artforms 2.1b7.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »