Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t0pp8uzz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1875
SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote malicious users to execute arbitrary SQL commands via the photo_id parameter.
Terong Advanced Web Photo Gallery 1.0
1 EDB exploit
NA
CVE-2008-1971
phShoutBox Final 1.5 and previous versions only checks passwords when specified in $_POST, which allows remote malicious users to gain privileges by setting the (1) phadmin cookie to admin.php, or (2) in 1.4 and previous versions, the ssbadmin cookie to shoutadmin.php.
Phphq Phshoutbox Final
1 EDB exploit
NA
CVE-2007-6392
SQL injection vulnerability in DWdirectory 2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the search parameter to the /search URI.
Dominion Web Dwdirectory
1 EDB exploit
NA
CVE-2008-6209
SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter.
Vastal Software Zone -
1 EDB exploit
NA
CVE-2008-3124
SQL injection vulnerability in index.php in Mole Group Hotel Script 1.0 allows remote malicious users to execute arbitrary SQL commands via the file parameter.
Mole Group Hotel Script 1.0
1 EDB exploit
NA
CVE-2008-3125
SQL injection vulnerability in index.php in Mole Group Lastminute Script 4.0 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Mole Group Lastminute Script 4.0
1 EDB exploit
NA
CVE-2008-2282
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote malicious users to bypass authentication by setting the login_admin cookie to true.
Thomas Voecking Internet Photoshow Null
1 EDB exploit
NA
CVE-2008-2823
SQL injection vulnerability in newsarchive.php in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the post parameter.
Phpeasynews Phpeasyblog
1 EDB exploit
NA
CVE-2008-4877
SQL injection vulnerability in admin.php in WebCards 1.3, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the user parameter. NOTE: some of these details are obtained from third party information.
Mywebcards Webcards
1 EDB exploit
NA
CVE-2008-0440
AlstraSoft Forum Pay Per Post Exchange 2.0 stores passwords in cleartext, which makes it easier for malicious users to access user accounts.
Alstrasoft Forum Pay Per Post Exchange 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »