Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
waraxe vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-0383
Multiple SQL injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote moderators and administrators to execute arbitrary SQL commands via (1) the mergepost parameter in a do_mergeposts action, (2) rid parameter in an allreports action, or (3) threads parameter ...
Mybb Mybb
1 EDB exploit
265
VMScore
CVE-2007-5710
Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote malicious users to inject arbitrary web script or HTML via the posts_columns array parameter.
Wordpress Wordpress 2.3
1 EDB exploit
505
VMScore
CVE-2009-2160
TorrentTrader Classic 1.09 allows remote malicious users to (1) obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote malicious users to (2) obtain other potentially sensitive information via a direct request to ...
Torrenttrader Torrenttrader Classic 1.09
1 EDB exploit
505
VMScore
CVE-2009-0678
images/captcha.php in RavenNuke 2.30 allows remote malicious users to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message.
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
755
VMScore
CVE-2013-7375
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 up to and including 7.02.05 allows remote malicious users to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.05
1 EDB exploit
755
VMScore
CVE-2004-1929
SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x up to and including 7.2 allows remote malicious users to bypass authentication and gain access by injecting base64-encoded SQL code into the user parameter.
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 5.5
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.1
1 EDB exploit
685
VMScore
CVE-2007-5092
Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in an ACCEPT_FILE array parameter to modules.php.
Multimedia Dance Music Module For Phpnuke
1 EDB exploit
755
VMScore
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
1 EDB exploit
435
VMScore
CVE-2013-1804
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to inject arbitrary web script or HTML via the (1) highlight parameter to forum/viewthread.php; or remote authenticated users with certain permissions to inject arbitra...
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.03
1 EDB exploit
NA
CVE-2013-1805
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1806. Reason: This issue was MERGED into CVE-2013-1806 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should referen...
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »