Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh underground vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2907
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the eml parameter.
Webchamado Webchamado 1.1
1 EDB exploit
NA
CVE-2008-2961
Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter.
Cmsmini Cms Mini 0.2.2
1 EDB exploit
NA
CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Myblog Myblog
1 EDB exploit
NA
CVE-2008-2965
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the forum parameter.
Jaxbot Jaxultrabb
1 EDB exploit
NA
CVE-2008-2993
Multiple directory traversal vulnerabilities in index.php in FOG Forum 0.8.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) fog_lang and (2) fog_skin parameters, probably related to libs/required/share.inc; and possibly the...
Fog Fog Forum 0.8.1
1 EDB exploit
NA
CVE-2008-3026
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Oneclick Cms Oneclick Cms 2008-01-24
1 EDB exploit
NA
CVE-2008-2046
Cross-site scripting (XSS) vulnerability in index.php in Softpedia SiteXS CMS 0.1.1 Pre-Alpha allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
Softpedia Sitexs Cms 0.1.1
1 EDB exploit
NA
CVE-2008-4245
The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or perform unspecified other administrative actions via vectors involving an adm...
Rianxosencabos Cms Rianxosencabos Cms 0.9
1 EDB exploit
NA
CVE-2008-2694
Cross-site scripting (XSS) vulnerability in search.php in phpInv 0.8.0 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Phpinv Phpinv 0.8.0
1 EDB exploit
NA
CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Myblog Myblog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »