Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-1404
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the user (Username) parameter.
Pastel Pastelcms 0.8.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1024
Multiple SQL injection vulnerabilities in Beerwin PHPLinkAdmin 1.0 allow remote malicious users to execute arbitrary SQL commands via the linkid parameter to edlink.php, and unspecified other vectors.
Beerwin Phplinkadmin 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1025
PHP remote file inclusion vulnerability in linkadmin.php in Beerwin PHPLinkAdmin 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Beerwin Phplinkadmin 1.0
1 EDB exploit
10
CVSSv2
CVE-2009-2111
Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote malicious users to inject arbitrary PHP code via a crafted (1) url and (2) location parameter.
Jnmsolutions Db Top Sites 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-2123
Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_b...
Elvinbts Elvinbts 1.2.0
1 EDB exploit
5
CVSSv2
CVE-2009-2151
Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the newlang parameter.
Adaptweb Adaptweb 0.9.2
1 EDB exploit
6.4
CVSSv2
CVE-2009-0383
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote malicious users to delete arbitrary blog posts via a direct request.
Mzbservices Max.blog 1.0.6
1 EDB exploit
7.8
CVSSv2
CVE-2008-4155
Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote malicious users to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b...
Easybrik Easysite 2.3
1 EDB exploit
4.3
CVSSv2
CVE-2008-3923
Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
4.3
CVSSv2
CVE-2008-3924
The "Make a backup" functionality in Content Management Made Easy (CMME) 1.12 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover (1) account names and (2) password hashes via a direct request...
Hans Oesterholt Cmme 1.12
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »