Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-1500
SQL injection vulnerability in index.php in ProjectCMS 1.0 Beta allows remote malicious users to execute arbitrary SQL commands via the sn parameter.
Projectcms Projectcms 1.0 Beta
1 EDB exploit
655
VMScore
CVE-2009-2574
index.php in MiniTwitter 0.2 beta allows remote authenticated users to modify certain options of arbitrary accounts via an opt action.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
685
VMScore
CVE-2009-1488
Directory traversal vulnerability in admin/load.php in FunGamez RC1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter to index.php.
Rens Rikkerink Fungamez -
1 EDB exploit
435
VMScore
CVE-2009-1583
Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 and 1.031 allow remote malicious users to inject arbitrary web script or HTML via the (1) search form; (2) _expresion_de_busqueda, (3) letra, (4) estado_id, and (5) tema parameters to index.php; the (6) PATH_IN...
R020 Tematres 1.031
R020 Tematres 1.0.3
1 EDB exploit
445
VMScore
CVE-2009-1585
Multiple SQL injection vulnerabilities in TemaTres 1.031, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) id_correo_electronico and (2) id_password parameters to login.php. NOTE: the provenance of this information is u...
R020 Tematres 1.031
1 EDB exploit
685
VMScore
CVE-2009-1615
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.
Gowondesigns Leap 0.1.4
1 EDB exploit
685
VMScore
CVE-2009-1661
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the rating parameter to index.php.
Anoldman Utopic 1.0
1 EDB exploit
435
VMScore
CVE-2009-1809
Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the year parameter to modules/kalender.php, (2) the Page parameter in a List action to modules/ereignis.php, (3) the Kontext parameter ...
Collector Mycolex 1.4.2
1 EDB exploit
435
VMScore
CVE-2009-1811
Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote malicious users to inject arbitrary web script or HTML via (1) the Page parameter in a List action to modules/ereignis.php, (2) the Kontext parameter in a Search action to modules/katego...
Collector Mygesuad 0.9.14
1 EDB exploit
605
VMScore
CVE-2009-1812
Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote malicious users to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via t...
Collector Mygesuad 0.9.14
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »