Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-0740
SQL injection vulnerability in login.php in BlueBird Prelease allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Bluebird Pre-release
1 EDB exploit
6.8
CVSSv2
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-6307
E-topbiz Link Back Checker 1 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "admin."
E-topbiz Link Back Checker 1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote malicious users to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Phpaddedit Phpaddedit 1.3
1 EDB exploit
6.8
CVSSv2
CVE-2008-6750
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.
China-on-site Flexphpdirectory 0.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-0452
Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) uname or (2) pass parameter.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
5
CVSSv2
CVE-2009-0453
Online Grades 3.2.4 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
7.5
CVSSv2
CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
4.3
CVSSv2
CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to inject arbitrary web script or HTML via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
7.5
CVSSv2
CVE-2008-5065
TlGuestBook 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
Easy-script Tlguesbook 1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »