Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and previous versions for PunBB allow remote malicious users to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) heade...
Punbb Private Messaging System 1.2.2
Punbb Private Messaging System
Punbb Private Messaging System 1.2.1
Punbb Private Messaging System 1.2.0
1 EDB exploit
NA
CVE-2008-6301
SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter in a delete action.
Prezmo Small Shoutbox 1.4
1 EDB exploit
NA
CVE-2008-6290
Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the page_file parameter.
Niclor Include Sito -
1 EDB exploit
NA
CVE-2009-0728
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Maxdev My Egallery -
1 EDB exploit
NA
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
NA
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Gwm Galatolo Webmanager
1 EDB exploit
NA
CVE-2008-6248
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to inject arbitrary web script or HTML via the tag parameter.
Galatolo Galatolo Webmanager 1.3a
1 EDB exploit
NA
CVE-2008-6167
Directory traversal vulnerability in search.php in miniPortail 2.2 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.
Miniportail Miniportail 2.2
Miniportail Miniportail 2.1
Miniportail Miniportail 2.0
Miniportail Miniportail 1.9
1 EDB exploit
NA
CVE-2008-6168
Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an unspecified argument, probably the search string.
Miniportail Miniportail 2.1
Miniportail Miniportail 2.0
Miniportail Miniportail 2.2
Miniportail Miniportail 1.9
1 EDB exploit
NA
CVE-2008-6165
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
Easy-script Cspartner 0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »