Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-2096
SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote malicious users to execute arbitrary SQL commands via the itemnr parameter.
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
755
VMScore
CVE-2008-4522
Multiple directory traversal vulnerabilities in JMweb MP3 Music Audio Search and Download Script allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the src parameter to (1) listen.php and (2) download.php.
Jesse-web Jmweb Mp3 Music Audio Search And Download Script
1 EDB exploit
685
VMScore
CVE-2009-4722
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Limny Limny 1.01
1 EDB exploit
505
VMScore
CVE-2009-4726
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Olivier Michaud Pierre-yves Quickdev4php
1 EDB exploit
435
VMScore
CVE-2008-3925
Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) 1.12 allows remote malicious users to trigger the logout of an administrative user via a logout action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
515
VMScore
CVE-2009-0570
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these ...
Ninjadesigns Mailist 3.0
1 EDB exploit
505
VMScore
CVE-2009-0571
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request to the backup directory.
Ninjadesigns Mailist 3.0
1 EDB exploit
755
VMScore
CVE-2009-1247
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Acutecp.rediscussed Acutecp 1.0.0
1 EDB exploit
435
VMScore
CVE-2009-4209
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
Mozilo Mozilocms 1.11.1
1 EDB exploit
605
VMScore
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »