Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6535
admin/settings.php in PayPal eStores allows remote malicious users to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
Paypalestores Paypal Estores -
1 EDB exploit
NA
CVE-2008-6963
admin.php in TurnkeyForms Text Link Sales allows remote malicious users to bypass authentication and gain administrative privileges via a direct request.
Turnkeyforms Text Link Sales
1 EDB exploit
NA
CVE-2008-6965
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote malicious users to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mai...
Aj Square Aj Auction Web 2.0
Aj Square Aj Auction 2.0
Aj Square Aj Auction 1.0
Aj Square Aj Auction
1 EDB exploit
NA
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
NA
CVE-2009-4674
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote malicious users to change an arbitrary password via a modified user_id field.
Mole-group Sky Hunter Airline Ticket Sale Script -
Mole-group Bus Ticket Script -
1 EDB exploit
NA
CVE-2009-4675
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote malicious users to change the admin password via an unspecified form submission.
Mole-group Gastro Portal \\(restaurant Directory\\) Script -
1 EDB exploit
NA
CVE-2008-6629
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Webbdomain Webshop Online 1.02
1 EDB exploit
NA
CVE-2008-6715
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
Preprojects Pre Ads Portal
1 EDB exploit
NA
CVE-2008-5037
SQL injection vulnerability in view.php in ElkaGroup Image Gallery 1.0 allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Elkagroup Image Gallery 1.0
1 EDB exploit
NA
CVE-2008-5221
The account_save action in admin/userinfo.php in wPortfolio 0.3 and previous versions does not require authentication and does not require knowledge of the original password, which allows remote malicious users to change the admin account password via modified password and passwo...
Wportfolio Wportfolio
Wportfolio Wportfolio 0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »