Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Gwm Galatolo Webmanager
1 EDB exploit
7.5
CVSSv2
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-6290
Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the page_file parameter.
Niclor Include Sito -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6301
SQL injection vulnerability in shoutbox_view.php in the Small ShoutBox module 1.4 for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter in a delete action.
Prezmo Small Shoutbox 1.4
1 EDB exploit
5.1
CVSSv2
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and previous versions for PunBB allow remote malicious users to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) heade...
Punbb Private Messaging System
Punbb Private Messaging System 1.2.0
Punbb Private Messaging System 1.2.1
Punbb Private Messaging System 1.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6314
SQL injection vulnerability in tag_board.php in the Tag Board module 4.0 and previous versions for phpBB allows remote malicious users to execute arbitrary SQL commands via the id parameter in a delete action.
Phpbb Tag Board
1 EDB exploit
7.5
CVSSv2
CVE-2008-6345
SQL injection vulnerability in Forum.php in SolarCMS 0.53.8 and 1.0 allows remote malicious users to execute arbitrary SQL commands via the cat parameter to indes.php. NOTE: some of these details are obtained from third party information.
Cms.maury91 Solarcms 1.0
Cms.maury91 Solarcms 0.53.8
1 EDB exploit
7.5
CVSSv2
CVE-2008-5607
SQL injection vulnerability in the JMovies (aka JM or com_jmovies) component 1.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomitaly Jmovies 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-5708
redirect.php in SlimCMS 1.0.0 does not require authentication, which allows remote malicious users to create administrative users by using the newusername and newpassword parameters and setting the newisadmin parameter to 1.
Slimcms Slimcms 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5737
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Nodstrum Mysql Calendar 1.1
Nodstrum Mysql Calendar 1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »