Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2152
SQL injection vulnerability in a_index.php in AdaptWeb 0.9.2 allows remote malicious users to execute arbitrary SQL commands via the CodigoDisciplina parameter in a TopicosCadastro1 action.
Isabela Gasparini Adaptweb 0.9.2
1 EDB exploit
NA
CVE-2009-2153
Cross-site scripting (XSS) vulnerability in index.php in Impleo Music Collection 2.0 allows remote malicious users to inject arbitrary web script or HTML via the sort parameter.
Sappy.dk Impleo Music Collection 2.0
1 EDB exploit
NA
CVE-2008-3859
Davlin Thickbox Gallery 2 allows remote malicious users to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.
Davlin Thickbox Gallery 2
1 EDB exploit
NA
CVE-2008-7006
Free PHP VX Guestbook 1.06 allows remote malicious users to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.
Phpversion Php Vx Guestbook 1.06
1 EDB exploit
NA
CVE-2008-7058
Cross-site request forgery (CSRF) vulnerability in BandSite CMS 1.1.4 allows remote malicious users to hijack the authentication of administrators and force a logout via adminpanel/logout.php.
Grayscalecms Bandsite Cms 1.1.4
1 EDB exploit
NA
CVE-2008-6162
Bux.to Clone script allows remote malicious users to bypass authentication and gain administrative access by setting the loggedin cookie to 1 and the usNick cookie to admin.
Bux Bux.to Clone Script -
1 EDB exploit
NA
CVE-2008-6336
Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when register_globals is enabled, allows remote malicious users to read arbitrary local files via directory traversal sequences in the filename parameter.
Rightscripts Text Lines Rearrange Script 1.0
1 EDB exploit
NA
CVE-2009-4722
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Limny Limny 1.01
1 EDB exploit
NA
CVE-2009-4732
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Technotoad Tt Web Site Manager 0.5
1 EDB exploit
NA
CVE-2009-4757
Stack-based buffer overflow in BrotherSoft EW-MusicPlayer 0.8 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: some of these details are obtained from thi...
Evils-world Ew-musicplayer 0.8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »