Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-2846
Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 RC2 for Joomla! allows remote malicious users to inject arbitrary web script or HTML via the afmsg parameter to index.php.
Gonzalo Maser Com Artforms 2.1b7.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) ...
Creasito Creasito E-commerce Content Manager 1.3.16
1 EDB exploit
7.5
CVSSv2
CVE-2009-3665
Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
6.8
CVSSv2
CVE-2010-4638
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the q parameter in a submitSurvey action to ...
Iptechinside Com Jquarks4s 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4926
SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ct_id parameter in a timetrack action to index.php.
Timetrack Com Timetrack 1.2.4
1 EDB exploit
6.8
CVSSv2
CVE-2010-4517
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the char parameter in an item action to index.php.
Harmistechnology Com Jeauto 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1480
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote malicious users to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
Pragyan Cms Project Pragyan Cms 2.6.4
1 EDB exploit
7.5
CVSSv2
CVE-2010-4937
Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php.
Robitbt Com Amblog 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »