Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria-security team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4022
Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote malicious users to inject arbitrary web script or HTML via the resname parameter.
Cpanel Cpanel 10.9.1
1 EDB exploit
NA
CVE-2007-3987
SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote malicious users to execute arbitrary SQL commands via the SearchWord parameter.
Junction Quest Image Racer 1.0
1 EDB exploit
NA
CVE-2006-7118
SQL injection vulnerability in index.asp in DMXReady Site Engine Manager 1.0 allows remote malicious users to execute arbitrary SQL commands via the mid parameter.
Dmxready Site Engine Manager 1.0
1 EDB exploit
NA
CVE-2007-0399
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 RC3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) recipient or (2) BCC field when selecting send in a pm action.
Simple Machines Simple Machines Forum 1.1 Rc3
1 EDB exploit
NA
CVE-2006-6936
Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote malicious users to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.
Pensacola Web Designs Xtremeasp Photogallery 2.0
1 EDB exploit
NA
CVE-2006-6937
SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote malicious users to inject arbitrary SQL commands via the sortorder parameter.
Pensacola Web Designs Xtremeasp Photogallery 2.0
1 EDB exploit
NA
CVE-2006-6932
Multiple SQL injection vulnerabilities in Image Gallery with Access Database allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to (a) dispimage.asp, or the (2) order or (3) page parameter to (b) default.asp.
Image Gallery With Access Database Image Gallery With Access Database
2 EDB exploits
NA
CVE-2006-6523
Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote malicious users to inject arbitrary web script or HTML via the account parameter.
Cpanel Cpanel 11
1 EDB exploit
NA
CVE-2006-6367
Multiple SQL injection vulnerabilities in detail.asp in DUware DUdownload 1.1, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) iFile or (2) action parameter. NOTE: the iType parameter is already covered by CVE-2005-3976.
Duware Dunews 1.0
Duware Dunews 1.1
Duware Dudownload 1.0
Duware Dudownload 1.1
Duware Dupaypal 3.0
Duware Dupaypal 3.1
Duware Dupaypal Pro 3.0
Duware Dupaypal Pro 3.1
1 EDB exploit
NA
CVE-2006-6355
SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote malicious users to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by CVE-2005-2049.
Duware Duclassmate
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »