Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2574
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
NA
CVE-2009-2259
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2608. Reason: This candidate is a duplicate of CVE-2009-2608. Notes: All CVE users should reference CVE-2009-2608 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2009-1488
Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php.
Rens Rikkerink Fungamez -
1 EDB exploit
NA
CVE-2009-1585
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is u...
R020 Tematres 1.031
1 EDB exploit
NA
CVE-2009-1615
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.
Gowondesigns Leap 0.1.4
1 EDB exploit
NA
CVE-2009-2451
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.
Mim.infinix Infinix
1 EDB exploit
NA
CVE-2009-1843
Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote malicious users to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question...
Glenn Mcgurrin Flash Quiz Beta2
1 EDB exploit
NA
CVE-2009-1408
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote malicious users to inject arbitrary web script or HTML allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated u...
Webspell Webspell 4.2.0c
1 EDB exploit
NA
CVE-2009-1487
SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote malicious users to execute arbitrary SQL commands via the login_user (aka username) parameter. NOTE: some of these details are obtained from third party information.
Rens Rikkerink Fungamez -
1 EDB exploit
NA
CVE-2009-1489
includes/user.php in Fungamez RC1 allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie parameter.
Rens Rikkerink Fungamez -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »