Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2009-1936
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PH...
Cpcommerce Project Cpcommerce
1 EDB exploit
NA
CVE-2009-2176
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.ph...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
NA
CVE-2009-2177
code/display.php in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a ...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
NA
CVE-2008-4786
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
E107 Easyshop Plugin
1 EDB exploit
NA
CVE-2008-4628
SQL injection vulnerability in del.php in myWebland miniBloggie 1.0 allows remote malicious users to execute arbitrary SQL commands via the post_id parameter.
Mywebland Minibloggie 1.0
1 EDB exploit
NA
CVE-2008-5708
redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote malicious users to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.
Slimcms Slimcms 1.0.0
1 EDB exploit
NA
CVE-2008-5737
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Nodstrum Mysql Calendar 1.2
Nodstrum Mysql Calendar 1.1
1 EDB exploit
NA
CVE-2008-5966
globsy_edit.php in Globsy 1.0 and previous versions allows remote malicious users to create or overwrite arbitrary files via a filename in the file parameter and file contents in the data parameter.
Globsy Globsy
1 EDB exploit
NA
CVE-2006-0123
Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote malicious users to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors.
Adn Forum Adn Forum 1.0
Adn Forum Adn Forum 1.0b
1 EDB exploit
NA
CVE-2008-6165
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
Easy-script Cspartner 0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »