Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4386
SQL injection vulnerability in hotel_tiempolibre_ext.php in Venalsur Booking Centre Booking System for Hotels Group, when magic_quotes_gpc is enabled, allows remote malicious users to execute arbitrary SQL commands via the NoticiaID parameter and other unspecified vectors.
Bookingcentre Booking System For Hotels Group -
1 EDB exploit
NA
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
NA
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) ...
Creasito Creasito E-commerce Content Manager 1.3.16
1 EDB exploit
NA
CVE-2009-3494
Multiple SQL injection vulnerabilities in index.php in T-HTB Manager 0.5, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter in a delete_category action, (2) the name parameter in an update_category action, a...
Todor Lazarov T-htb Manager 0.5
1 EDB exploit
NA
CVE-2009-3664
Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-3665
Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-4351
SQL injection vulnerability in ADMIN/loginaction.php in WSCreator 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the Email (aka username) parameter.
Wscreator Wscreator 1.1
1 EDB exploit
NA
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
NA
CVE-2009-1480
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote malicious users to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
Pragyan Cms Project Pragyan Cms 2.6.4
1 EDB exploit
NA
CVE-2010-4794
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote malicious users to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »