Vulmon
Laurent Gaffie vulnerabilities and exploits
NA
CVE-2006-5958
Multiple cross-site scripting (XSS) vulnerabilities in INFINICART allow remote malicious users to inject arbitrary web script or HTML via the (1) username and (2) password fields in (a) login.asp, (3) search field in (b) search.asp, and (4) email field in (c) sendpassword.asp.
Infinicart Infinicart
3 EDB exploits
NA
CVE-2007-3001
Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife (PHPJK) allow remote malicious users to inject arbitrary web script or HTML via (1) the sUName parameter to UserArea/Authenticate.php, (2) the sAccountUnq parameter to UserArea/NewAccounts/index.php, or the (3) ...
Php Jackknife Php Jackknife 2.21
3 EDB exploits
NA
CVE-2006-6208
Multiple SQL injection vulnerabilities in Enthrallweb eClassifieds allow remote malicious users to execute arbitrary SQL commands via the (1) AD_ID, (2) cat_id, (3) sub_id, and (4) ad_id parameters to (a) ad.asp, the (5) cid parameter to (b) dircat.asp, and the (6) sid parameter ...
Enthrallweb Eclassifieds
3 EDB exploits
NA
CVE-2006-6067
Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Estate Listing System) allow remote malicious users to execute arbitrary SQL commands via the (1) itemID parameter to (a) f-email.asp, or the (2) peopleID and (3) sort_order parameters to (b) listings.asp, differe...
20 20 Applications 20 20 Datashed 1.0
2 EDB exploits
NA
CVE-2006-6342
Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote malicious users to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in (b) detail.asp.
Klf-design Klf-realty
2 EDB exploits
NA
CVE-2006-5945
Multiple SQL injection vulnerabilities in MGinternet Car Site Manager (CSM) allow remote malicious users to execute arbitrary SQL commands via the (1) p parameter to (a) csm/asp/detail.asp, or the (2) l, (3) typ, or (4) loc parameter to (b) csm/asp/listings.asp.
Mginternet Car Site Manager
2 EDB exploits
NA
CVE-2006-6095
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote malicious users to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments...
Dotnetindex Active News Manager
2 EDB exploits
NA
CVE-2006-6109
Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote malicious users to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp.
Candypress Candypress Store 3.5.2.14
2 EDB exploits
NA
CVE-2006-6147
Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote malicious users to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.
Jiros Links Manager 1.0
2 EDB exploits
NA
CVE-2006-6152
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote malicious users to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
Vspin.net Classified System 2004
2 EDB exploits