t0pp8uzz vulnerabilities and exploits
755
VMScore
CVE-2008-1872
SQL injection vulnerability in home.news.php in Comdev News Publisher 4.1.2 allows remote malicious users to execute arbitrary SQL commands via the arcmonth parameter. NOTE: some of these details are obtained from third party information.
Comdev Comdev News Publisher 4.1.2
1 EDB exploit
405
VMScore
CVE-2008-6199
2532designs 2532|Gigs 1.2.2 and previous versions allows remote malicious users to trigger a backup and obtain sensitive information via a direct request to backup.php, which creates backup.sql under the web root with insufficient access control.
2532gigs 2532gigs 1.2.1
2532gigs 2532gigs
1 EDB exploit
755
VMScore
CVE-2007-3881
SQL injection vulnerability in index.php in Pictures Rating (Picture Rating) allows remote malicious users to execute arbitrary SQL commands via the msgid parameter.
Pictures Rating Pictures Rating
1 EDB exploit
685
VMScore
CVE-2007-3979
SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote malicious users to execute arbitrary SQL commands via the news_id parameter.
Netart Media Blog System
1 EDB exploit
755
VMScore
CVE-2007-3981
SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a displaycat action.
Wsn Links Wsn Links
1 EDB exploit
755
VMScore
CVE-2008-6523
auth.php in openInvoice 0.90 beta and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users.
Cale Dunlap Openinvoice 0.90
1 EDB exploit
655
VMScore
CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and previous versions allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication...
Cale Dunlap Openinvoice
1 EDB exploit
755
VMScore
CVE-2007-3520
SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store allows remote malicious users to execute arbitrary SQL commands via the CategoryID parameter.
Easybe 1-2-3 Music Store
1 EDB exploit
755
VMScore
CVE-2008-1784
Prozilla Topsites 1.0 allows remote malicious users to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/.
Prozilla Topsites 1.0
1 EDB exploit
555
VMScore
CVE-2008-1785
delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.
Prozilla Top 100 1.2
1 EDB exploit