Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
don vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0832
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and previous versions component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the surano parameter in a viewayat action.
Joomla Kemas Antonius Com Quran
Mambo Kemas Antonius Com Quran
1 EDB exploit
NA
CVE-2008-1297
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Joomla Com Ewriting 1.2.1
Mambo Com Ewriting 1.2.1
Ewriting Ewriting 1.2.1
1 EDB exploit
NA
CVE-2008-3708
Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter to (1) news/index.dot and (2) getting_started/macros/macros_detail.dot.
Dotcms Dotcms 1.6.0.9
1 EDB exploit
NA
CVE-2008-7042
PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 up to and including 1.11 allows remote malicious users to execute arbitrary PHP code via a URL in the tmp_sid parameter.
Freshscripts Fresh Email Script 1.0
Freshscripts Fresh Email Script 1.11
1 EDB exploit
NA
CVE-2007-6668
admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not require administrative privileges, which allows remote malicious users to perform unrestricted file uploads, as demonstrated by uploading (1) a .php file and (2) a .php%00.jpeg file.
Peergoal Myspace Content Zone
1 EDB exploit
NA
CVE-2008-7043
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 up to and including 1.11 allows remote malicious users to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session...
Freshscripts Fresh Email Script 1.0
Freshscripts Fresh Email Script 1.11
1 EDB exploit
NA
CVE-2009-3333
PHP remote file inclusion vulnerability in koesubmit.php in the koeSubmit (com_koesubmit) component 1.0 for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Alibasta Com Koesubmit 1.0
1 EDB exploit
NA
CVE-2009-3434
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
Onestopjoomla Com Tupinambis 1.0
1 EDB exploit
NA
CVE-2009-4785
SQL injection vulnerability in the Quick News (com_quicknews) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the newsid parameter in a view_item action to index.php.
Bhavesh Chauhan Com Quicknews
1 EDB exploit
NA
CVE-2010-4774
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
Auracms Auracms 1.62
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »