Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
515
VMScore
CVE-2008-5418
Directory traversal vulnerability in login.php in the PunPortal module prior to 2.0 for PunBB allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
Justin Roy Punportal Module 1.0
1 EDB exploit
755
VMScore
CVE-2008-5491
SQL injection vulnerability in edit.php in SlimCMS 1.0.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pageID parameter.
Slimcms Slimcms
1 EDB exploit
785
VMScore
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote malicious users to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
755
VMScore
CVE-2009-0728
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Maxdev My Egallery -
1 EDB exploit
685
VMScore
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
1 EDB exploit
755
VMScore
CVE-2008-6345
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote malicious users to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information.
Cms.maury91 Solarcms 0.53.8
Cms.maury91 Solarcms 1.0
1 EDB exploit
505
VMScore
CVE-2008-3205
Directory traversal vulnerability in index.php in Easy-Script Wysi Wiki Wyg 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the c parameter.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
755
VMScore
CVE-2008-5607
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomitaly Jmovies 1.1
1 EDB exploit
435
VMScore
CVE-2008-6727
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and previous versions 2.x versions allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Myupb Upb 2.2.2
Myupb Upb 2.2.1
Myupb Upb 2.1.1b
Myupb Upb 2.0
1 EDB exploit
515
VMScore
CVE-2008-6777
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the...
Myphp Myphp Forum 1.0
Myphp Myphp Forum 2.0
Myphp Myphp Forum
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »