Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
website vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45990
A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.
Ecommerce-website Project Ecommerce-website 1.0
4.3
CVSSv2
CVE-2007-2206
Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a leading "<"<" in the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
7.5
CVSSv2
CVE-2007-2207
SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
7.5
CVSSv2
CVE-2018-17840
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter.
Education Website Project Education Website 1.0
6.8
CVSSv2
CVE-2007-3524
Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the level parameter to (1) admin/includes/author_panel_header.php or (2) admin/includes/admin_header.php.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
7.8
CVSSv2
CVE-2007-3525
Ripe Website Manager 0.8.9 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely ...
Ripe Website Manager Ripe Website Manager
NA
CVE-2022-2725
A vulnerability was found in SourceCodester Company Website CMS. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add-blog.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-205838 is the...
Company Website Cms Project Company Website Cms -
NA
CVE-2022-2736
A vulnerability was found in SourceCodester Company Website CMS. It has been classified as critical. This affects an unknown part of the file /dashboard/updatelogo.php of the component Background Upload Logo Icon. The manipulation of the argument xfile/ufile leads to unrestricted...
Company Website Cms Project Company Website Cms -
NA
CVE-2022-2740
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attac...
Company Website Cms Project Company Website Cms -
NA
CVE-2022-2750
A vulnerability, which was classified as critical, was found in SourceCodester Company Website CMS. Affected is an unknown function of the file /dashboard/add-service.php of the component Add Service Handler. The manipulation leads to unrestricted upload. It is possible to launch...
Company Website Cms Project Company Website Cms -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »