Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh underground vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2961
Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter.
Cmsmini Cms Mini 0.2.2
1 EDB exploit
NA
CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Myblog Myblog
1 EDB exploit
NA
CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Myblog Myblog
1 EDB exploit
NA
CVE-2008-2965
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the forum parameter.
Jaxbot Jaxultrabb
1 EDB exploit
NA
CVE-2008-2966
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and previous versions allows remote malicious users to read arbitrary local files via a .. (dot dot) in the user parameter. party information.
Jaxultrabb Jaxultrabb
1 EDB exploit
NA
CVE-2008-2997
Cross-site scripting (XSS) vulnerability in index.php in Gravity Board X (GBX) 2.0 Beta allows remote malicious users to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit (aka create new thread) action.
Gravityboardx Gravity Board X 2.0
1 EDB exploit
NA
CVE-2008-3026
SQL injection vulnerability in index.php in OneClick CMS (aka Sisplet CMS) 2008-01-24 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Oneclick Cms Oneclick Cms 2008-01-24
1 EDB exploit
NA
CVE-2008-3033
RSS-aggregator 1.0 does not require administrative authentication for the admin/fonctions/ directory, which allows remote malicious users to access admin functions and have unspecified other impact, as demonstrated by (1) an IdFlux request to supprimer_flux.php and (2) a TpsRafra...
Rss Aggregator Rss Aggregator 1.0
1 EDB exploit
NA
CVE-2008-3036
Directory traversal vulnerability in index.php in CMS little 0.0.1 allows remote malicious users to include and execute arbitrary local files, and probably remote files, via a .. (dot dot) in the template parameter.
Cms Little Cms Little 0.0.1
1 EDB exploit
NA
CVE-2008-3133
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Barenuked Barenuked Cms 1.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »