Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-2109
Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote malicious users to read arbitrary files via directory traversal sequences in the (1) language parameter to charts.php and the (2) fretsweb_language cookie parameter to unspecified vectors, possibly related ...
Fretsweb Project Fretsweb 1.2
1 EDB exploit
NA
CVE-2009-2259
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2608. Reason: This candidate is a duplicate of CVE-2009-2608. Notes: All CVE users should reference CVE-2009-2608 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
6.8
CVSSv2
CVE-2009-1778
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Bigace Bigace Cms 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-2036
SQL injection vulnerability in index.php in Open Biller 0.1 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Geekbill Open Biller 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-1487
SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote malicious users to execute arbitrary SQL commands via the login_user (aka username) parameter. NOTE: some of these details are obtained from third party information.
Rens Rikkerink Fungamez -
1 EDB exploit
7.5
CVSSv2
CVE-2009-1489
includes/user.php in Fungamez RC1 allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie parameter.
Rens Rikkerink Fungamez -
1 EDB exploit
6.8
CVSSv2
CVE-2009-1500
SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote malicious users to execute arbitrary SQL commands via the sn parameter.
Projectcms Projectcms 1.0 Beta
1 EDB exploit
4.4
CVSSv2
CVE-2009-1585
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is u...
R020 Tematres 1.031
1 EDB exploit
7.5
CVSSv2
CVE-2009-1626
SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Will Kraft Ez-blog -
Will Kraft Ez-blog
1 EDB exploit
7.5
CVSSv2
CVE-2009-2290
SQL injection vulnerability in the Boy Scout Advancement (com_bsadv) component 0.3 and previous versions for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a (1) account or (2) event task to index.php.
Kim Eckert Com Bsadv
Kim Eckert Com Bsadv 0.0
Kim Eckert Com Bsadv 0.1
Kim Eckert Com Bsadv 0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »