Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6553
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote malicious users to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a dele...
Impliedbydesign Micro-cms
1 EDB exploit
NA
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user.
Jeremy Powers Lizardware Cms
Jeremy Powers Lizardware Cms 0.6.0
1 EDB exploit
NA
CVE-2008-5873
Yerba SACphp 6.3 and previous versions allows remote malicious users to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Yerba Yerba 6.28
Yerba Yerba
1 EDB exploit
NA
CVE-2008-5966
globsy_edit.php in Globsy 1.0 and previous versions allows remote malicious users to create or overwrite arbitrary files via a filename in the file parameter and file contents in the data parameter.
Globsy Globsy
1 EDB exploit
NA
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
1 EDB exploit
NA
CVE-2008-6165
SQL injection vulnerability in gestion.php in CSPartner 0.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) pseudo and (2) passe parameters.
Easy-script Cspartner 0.1
1 EDB exploit
NA
CVE-2008-6167
Directory traversal vulnerability in search.php in miniPortail 2.2 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lng parameter.
Miniportail Miniportail 2.2
Miniportail Miniportail 2.1
Miniportail Miniportail 2.0
Miniportail Miniportail 1.9
1 EDB exploit
NA
CVE-2008-6168
Cross-site scripting (XSS) vulnerability in search.php in miniPortail 2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an unspecified argument, probably the search string.
Miniportail Miniportail 2.1
Miniportail Miniportail 2.0
Miniportail Miniportail 2.2
Miniportail Miniportail 1.9
1 EDB exploit
NA
CVE-2008-6249
SQL injection vulnerability in plugins/users/index.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Gwm Galatolo Webmanager
1 EDB exploit
NA
CVE-2008-4675
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Phpcounter Phpcounter 1.3.1
Phpcounter Phpcounter 1.3.0
Phpcounter Phpcounter 1.2.1
Phpcounter Phpcounter 1.2.0
Phpcounter Phpcounter 1.2.5
Phpcounter Phpcounter 1.2.4
Phpcounter Phpcounter 1.2.3
Phpcounter Phpcounter 1.2.2
Phpcounter Phpcounter 1.2.7
Phpcounter Phpcounter 1.2.6
Phpcounter Phpcounter
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »