Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1405
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the set_lng parameter.
Pastel Pastelcms 0.8.0
1 EDB exploit
NA
CVE-2009-4977
PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 allows remote authenticated users to execute arbitrary PHP code via a URL in the main_content parameter.
Tufat Mybackup 1.4.0
1 EDB exploit
NA
CVE-2009-1319
Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php.
Guestcal Guest Cal 2.1
1 EDB exploit
NA
CVE-2009-1952
Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Propertymaxpro Propertymax Pro Free 0.3
1 EDB exploit
NA
CVE-2009-2123
Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_b...
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
NA
CVE-2009-1368
Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1486
Directory traversal vulnerability in pmscript.php in Flatchat 3.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the with parameter.
Ninjadesigns Flatchat 3.0
1 EDB exploit
NA
CVE-2009-4726
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Olivier Michaud Pierre-yves Quickdev4php
1 EDB exploit
NA
CVE-2009-4732
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Technotoad Tt Web Site Manager 0.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »