Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-2624
Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) comment parameter to add_comments.php, (2) values parameter to tags_details.php, or (3) begin parameter to greetings.php.
Iscripts Easysnaps 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
Toughtomato Com Ttvideo 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third p...
Anoochit Chalothorn Tiny Blogr 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-2847
Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the viewform parameter in a (1) ferforms or (2) tferforms action to index.php, and the (3) id par...
Gonzalo Maser Com Artforms 2.1b7.2
1 EDB exploit
5
CVSSv2
CVE-2010-2848
Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the l parameter.
Gonzalo Maser Com Artforms 2.1b7.2
1 EDB exploit
7.5
CVSSv2
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2011-0511
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomtraders Com Allcinevid 1.0.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-0409
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Mzbservices Max.blog 1.0.6
1 EDB exploit
6.8
CVSSv2
CVE-2009-4351
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the Email (aka username) parameter.
Wscreator Wscreator 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-4386
SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote malicious users to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.
Bookingcentre Booking System For Hotels Group -
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »