Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
preprojects vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-6888
Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings 1.0 allows remote malicious users to inject arbitrary web script or HTML via the address parameter.
Preprojects Pre Classified Listings 1.0
1 EDB exploit
6.5
CVSSv2
CVE-2008-7052
Unrestricted file upload vulnerability in profile.php in Pre Projects Pre Real Estate Listings allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in re_...
Preprojects Pre Real Estate Listings -
1 EDB exploit
7.5
CVSSv2
CVE-2008-4177
SQL injection vulnerability in search.php in Pre Real Estate Listings allows remote malicious users to execute arbitrary SQL commands via the c parameter.
Preprojects Pre Real Estate Listings
1 EDB exploit
7.5
CVSSv2
CVE-2008-2114
SQL injection vulnerability in emall/search.php in Pre Shopping Mall 1.1 allows remote malicious users to execute arbitrary SQL commands via the search parameter.
Preprojects Pre Shopping Mall 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6796
SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote malicious users to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).
Preprojects Pre Real Estate Listings
1 EDB exploit
7.5
CVSSv2
CVE-2008-6798
Multiple SQL injection vulnerabilities in login.php in Pre Projects Pre Real Estate Listings allow remote malicious users to execute arbitrary SQL commands via (1) the us parameter (aka the Username field) or (2) the ps parameter (aka the Password field).
Preprojects Pre Real Estate Listings
1 EDB exploit
7.5
CVSSv2
CVE-2010-4776
SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allows remote malicious users to execute arbitrary SQL commands via the tid2 parameter.
Preprojects Pre Online Tests Generator
1 EDB exploit
7.5
CVSSv2
CVE-2010-0954
SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote malicious users to execute arbitrary SQL commands via the course_ID parameter.
Preprojects Pre E-learning Portal
5
CVSSv2
CVE-2008-6052
PreProjects Pre E-Learning Portal stores db_elearning.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects Pre E-learning Portal
5
CVSSv2
CVE-2008-6054
PreProjects Pre Courier and Cargo Business stores dbcourior.mdb under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request.
Preprojects.com Pre Courier And Cargo Business
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3