Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aria-security team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6247
Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote malicious users to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp.
Uapplication Uphotogallery 1.1
2 EDB exploits
NA
CVE-2006-6243
Multiple SQL injection vulnerabilities in index.asp in FipsSHOP allow remote malicious users to execute arbitrary SQL commands via the (1) cat or (2) did parameter.
Fipsasp Fipsshop
1 EDB exploit
NA
CVE-2006-6198
Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport...
Cpanel Webhost Manager 3.1.0
7 EDB exploits
NA
CVE-2006-6207
SQL injection vulnerability in products.asp in Evolve shopping cart (aka Evolve Merchant) allows remote malicious users to execute arbitrary SQL commands via the partno parameter. NOTE: the vendor disputes this issue, stating that it is a forced SQL error
Lynx Internet Solutions Evolve Merchant
1 EDB exploit
NA
CVE-2006-6209
Multiple SQL injection vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart allow remote malicious users to execute arbitrary SQL commands via the (1) id2006quant parameter to (a) item_show.asp, or the (2) maingroup or (3) secondgroup parameter to (b) item_lis...
Midicart Software Midicart Asp Plus Shopping Cart
Midicart Software Midicart Asp Shopping Cart
1 EDB exploit
NA
CVE-2006-6210
SQL injection vulnerability in listpics.asp in ASP ListPics 5.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Iisworks Asp Listpics 5.0
1 EDB exploit
NA
CVE-2006-6181
Multiple SQL injection vulnerabilities in default.asp in ClickTech ClickContact allow remote malicious users to execute arbitrary SQL commands via the (1) AlphaSort, (2) In, and (3) orderby parameters.
Clicktech Clickcontact
1 EDB exploit
NA
CVE-2006-6189
SQL injection vulnerability in displayCalendar.asp in ClickTech Click Blog allows remote malicious users to execute arbitrary SQL commands via the date parameter.
Clicktech Clickblog
1 EDB exploit
NA
CVE-2006-6195
Multiple SQL injection vulnerabilities in Fixit iDMS Pro Image Gallery allow remote malicious users to execute arbitrary SQL commands via the (1) show_id or (2) parentid parameter to (a) filelist.asp, or the (3) fid parameter to (b) showfile.asp.
Fixit Knowledge Solutions Idms Pro Image Gallery
2 EDB exploits
NA
CVE-2006-6088
Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) n or (2) d parameter in igallery.asp, or (3) an unspecified parameter related to search, possibly the Search Gallery fie...
Blue-collar Productions I-gallery 3.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »