Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0106
SQL injection vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to execute arbitrary SQL commands via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
NA
CVE-2008-5065
TlGuestBook 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
Easy-script Tlguesbook 1.2
1 EDB exploit
NA
CVE-2009-0403
SQL injection vulnerability in admin/authenticate.php in Chipmunk Blogger Script allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Chipmunk Scripts Chipmunk Blogger
1 EDB exploit
NA
CVE-2009-0452
Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) uname or (2) pass parameter.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
NA
CVE-2009-0453
Online Grades 3.2.4 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
NA
CVE-2009-0739
SQL injection vulnerability in login.php in MyNews 0.10 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Mynews 0.10
1 EDB exploit
NA
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
1 EDB exploit
NA
CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 1.1
1 EDB exploit
NA
CVE-2009-0864
S-Cms 1.1 Stable allows remote malicious users to bypass authentication and obtain administrative access via an OK value for the login cookie.
Matteoiammarrone S-cms 1.1
1 EDB exploit
NA
CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for extra/genbackup.php.
Phnews Phnews 1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »