Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-0739
SQL injection vulnerability in login.php in MyNews 0.10 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Mynews 0.10
1 EDB exploit
7.5
CVSSv2
CVE-2009-0740
SQL injection vulnerability in login.php in BlueBird Prelease allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Bluebird Pre-release
1 EDB exploit
7.5
CVSSv2
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
1 EDB exploit
5
CVSSv2
CVE-2009-0866
pHNews Alpha 1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for extra/genbackup.php.
Phnews Phnews 1
1 EDB exploit
6.8
CVSSv2
CVE-2009-0452
Multiple SQL injection vulnerabilities in parents/login.php in Online Grades 3.2.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) uname or (2) pass parameter.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
7.5
CVSSv2
CVE-2009-4807
Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php.
Graugon Php Article Publisher 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6237
SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Scripts-for-sites Hotscripts-like Site -
1 EDB exploit
6.8
CVSSv2
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.7
China-on-site Flexphpsite 0.0.1
1 EDB exploit
5
CVSSv2
CVE-2009-0453
Online Grades 3.2.4 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Onlinegrades Online Grades 3.2.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote malicious users to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Phpaddedit Phpaddedit 1.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »