Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4072
Multiple SQL injection vulnerabilities in index.php in phsBlog 0.2 allow remote malicious users to execute arbitrary SQL commands via (1) the sid parameter in a pickup action or (2) the sql_cid parameter, different vectors than CVE-2008-3588.
Phsdev Phsblog 0.2
1 EDB exploit
NA
CVE-2008-0447
SQL injection vulnerability in index.php in Foojan WMS PHP Weblog 1.0 allows remote malicious users to execute arbitrary SQL commands via the story parameter.
Foojan Php Weblog 1.0
1 EDB exploit
NA
CVE-2008-0353
SQL injection vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 allows remote malicious users to execute arbitrary SQL commands via the cognome_cerca parameter. NOTE: some of these details are obtained from third party information.
Php-residence Php-residence 0.7.2
Php-residence Php-residence 1.0
1 EDB exploit
NA
CVE-2008-0446
SQL injection vulnerability in voircom.php in LulieBlog 1.02 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Julian Pawlowski Lulieblog 1.02
1 EDB exploit
NA
CVE-2008-0452
Directory traversal vulnerability in articles.php in Siteman 1.1.9 allows remote malicious users to read arbitrary files via directory traversal sequences in the cat parameter in a viewart action.
Siteman Siteman 1.1.9
1 EDB exploit
NA
CVE-2008-4591
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
Phpwebgallery Phpwebgallery 1.3.4
1 EDB exploit
NA
CVE-2007-5316
SQL injection vulnerability in browsecats.php in Softbiz Jobs and Recruitment Script allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Softbizscripts Softbiz Jobs And Recruitment Script
1 EDB exploit
NA
CVE-2009-3824
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter.
Michael J Greenwood Php Content Manager 0.3.2
1 EDB exploit
NA
CVE-2008-3556
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote malicious users to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same...
Haudenschilt Battlenet Clan Script 1.5.2
1 EDB exploit
NA
CVE-2007-5997
SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Softbizscripts Banner Exchange Network Script 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »