Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2009-3421
login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
Zenas Pao-bacheca Guestbook 2.1
1 EDB exploit
NA
CVE-2008-4075
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote malicious users to read arbitrary files via a .. (dot dot) in the topic parameter.
Dino D-iscussion Board 3.01
1 EDB exploit
NA
CVE-2008-4115
TalkBack 2.3.6 allows remote malicious users to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
Talkback Talkback 2.3.6
1 EDB exploit
NA
CVE-2009-3511
Multiple PHP remote file inclusion vulnerabilities in justVisual 1.2 allow remote malicious users to execute arbitrary PHP code via a URL in the fs_jVroot parameter to (1) sites/site/pages/index.php, (2) sites/test/pages/contact.php, (3) system/pageTemplate.php, and (4) system/ut...
Fh54 Justvisual 1.2
1 EDB exploit
NA
CVE-2009-3514
Multiple SQL injection vulnerabilities in d.net CMS allow remote malicious users to execute arbitrary SQL commands via (1) the page parameter to index.php; and allow remote authenticated administrators to execute arbitrary SQL commands via the (2) edit_id and (3) _p parameter in ...
Marcin Manek D.net Cms
1 EDB exploit
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-1247
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Acutecp.rediscussed Acutecp 1.0.0
1 EDB exploit
NA
CVE-2009-1248
Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/.
Acutecp Acute Control Panel 1.0.0
1 EDB exploit
NA
CVE-2009-1367
Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1369
moziloCMS 1.11 allows remote malicious users to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message.
Mozilo Mozilocms 1.11
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »