Vulmon
yenh4cker vulnerabilities and exploits
605
VMScore
CVE-2009-2573
Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
655
VMScore
CVE-2009-2574
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
685
VMScore
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
755
VMScore
CVE-2009-4936
Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-comment_post.php...
Spirate Small Pirate 2.1
1 EDB exploit
755
VMScore
CVE-2009-2451
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.
Mim.infinix Infinix
1 EDB exploit
435
VMScore
CVE-2009-1583
Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 and 1.031 allow remote malicious users to inject arbitrary web script or HTML via the (1) search form; (2) _expresion_de_busqueda, (3) letra, (4) estado_id, and (5) tema parameters to index.php; the (6) PATH_IN...
R020 Tematres 1.031
R020 Tematres 1.0.3
1 EDB exploit
445
VMScore
CVE-2009-1585
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is u...
R020 Tematres 1.031
1 EDB exploit
685
VMScore
CVE-2009-1615
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.
Gowondesigns Leap 0.1.4
1 EDB exploit
685
VMScore
CVE-2009-1778
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Bigace Bigace Cms 2.5
1 EDB exploit
685
VMScore
CVE-2009-1799
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parame...
Sebastian-thiele St-gallery 0.1 Alpha
1 EDB exploit