Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1826
modules/admuser.php in myGesuad 0.9.14 (aka 0.9) does not require administrative authentication, which allows remote authenticated users to list user accounts via a Find action.
Collector Mygesuad 0.9.14
1 EDB exploit
NA
CVE-2009-1910
SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote malicious users to execute arbitrary SQL commands via the AlbumId parameter.
Rafal Kucharski Rtwebalbum 1.0.462
1 EDB exploit
NA
CVE-2009-2037
Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and previous versions, and possibly 3.2.6, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] ...
Onlinegrades Online Grades
Onlinegrades Online Grades 3.2.4
1 EDB exploit
NA
CVE-2009-2109
Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote malicious users to read arbitrary files via directory traversal sequences in the (1) language parameter to charts.php and the (2) fretsweb_language cookie parameter to unspecified vectors, possibly related ...
Fretsweb Project Fretsweb 1.2
1 EDB exploit
NA
CVE-2009-2113
Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php.
Fretsweb Project Fretsweb 1.2
1 EDB exploit
NA
CVE-2009-2290
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and previous versions for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php.
Kim Eckert Com Bsadv
Kim Eckert Com Bsadv 0.1
Kim Eckert Com Bsadv 0.0
Kim Eckert Com Bsadv 0.2
1 EDB exploit
NA
CVE-2009-1778
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Bigace Bigace Cms 2.5
1 EDB exploit
NA
CVE-2009-2010
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) thread parameter to messageboard.php, (2) member parameter to profile.php, (3) pid paramet...
Haudenschilt Family Connections Cms
Haudenschilt Family Connections Cms 1.4
Haudenschilt Family Connections Cms 0.1.2
Haudenschilt Family Connections Cms 1.8.1
Haudenschilt Family Connections Cms 0.5
Haudenschilt Family Connections Cms 0.1.1
Haudenschilt Family Connections Cms 0.9
Haudenschilt Family Connections Cms 1.8.2
Haudenschilt Family Connections Cms 0.8
Haudenschilt Family Connections Cms 0.6
1 EDB exploit
NA
CVE-2009-2036
SQL injection vulnerability in index.php in Open Biller 0.1 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Geekbill Open Biller 0.1
1 EDB exploit
NA
CVE-2009-2573
Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »