Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user.
Jeremy Powers Lizardware Cms
Jeremy Powers Lizardware Cms 0.6.0
1 EDB exploit
NA
CVE-2008-6907
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated b...
2532gigs 2532gigs 1.2.2
1 EDB exploit
NA
CVE-2008-4786
SQL injection vulnerability in easyshop.php in the EasyShop plugin for e107 allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
E107 Easyshop Plugin
1 EDB exploit
NA
CVE-2008-4887
SQL injection vulnerability in index.php in NetRisk 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) profile page (profile.php) or (2) game page (game.php). NOTE: some of these details are obtained from third ...
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
NA
CVE-2008-4888
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
NA
CVE-2008-5000
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
Phpx Phpx 3.5.16
1 EDB exploit
NA
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and previous versions, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the hide parameter, a different vector than...
E107 E107 0.7.11
E107 E107 0.7.13
E107 E107 0.553 Beta
E107 E107 0.549 Beta
E107 E107 0.551 Beta
E107 E107 0.6 12
E107 E107 0.6 11
E107 E107 0.603
E107 E107 0.602
E107 E107 0.609
E107 E107 0.610
E107 E107 0.616
E107 E107 0.617
E107 E107 0.7
E107 E107 0.7.3
E107 E107 5.05
E107 E107 5.04
E107 E107 5.3 Beta2
E107 E107 5.4 Beta1
E107 E107 0.7.10
E107 E107 0.554
E107 E107 0.6 15a
1 EDB exploit
NA
CVE-2008-5873
Yerba SACphp 6.3 and previous versions allows remote malicious users to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Yerba Yerba 6.28
Yerba Yerba
1 EDB exploit
NA
CVE-2008-5966
globsy_edit.php in Globsy 1.0 and previous versions allows remote malicious users to create or overwrite arbitrary files via a filename in the file parameter and file contents in the data parameter.
Globsy Globsy
1 EDB exploit
NA
CVE-2008-6078
SQL injection vulnerability in open.php in the Private Messaging (com_privmsg) component for Limbo CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a pms action to index.php.
Limbo Cms Com Privmsg
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »