Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
silentz vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2007-3235
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote malicious users to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.
Fuzzylime Forum Fuzzylime Forum 1.0
1 EDB exploit
935
VMScore
CVE-2007-2822
TutorialCMS 1.01 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php.
Wavelink Media Tutorialcms
1 EDB exploit
435
VMScore
CVE-2007-2901
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified vectors.
Dokeos Dokeos
1 EDB exploit
755
VMScore
CVE-2007-2902
SQL injection vulnerability in main/auth/my_progress.php in Dokeos 1.8.0 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the course parameter.
Dokeos Dokeos
1 EDB exploit
755
VMScore
CVE-2007-2942
SQL injection vulnerability in user.php in My Little Forum 1.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
My Little Homepage My Little Forum
1 EDB exploit
1000
VMScore
CVE-2007-2985
Pheap 2.0 allows remote malicious users to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arb...
Pheap Pheap 2.0
1 EDB exploit
760
VMScore
CVE-2007-3088
SQL injection vulnerability in index.php in Comicsense allows remote malicious users to execute arbitrary SQL commands via the epi parameter.
Gaya Design Comicsense
2 EDB exploits
760
VMScore
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.10
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3