Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1843
Multiple SQL injection vulnerabilities in Flash Quiz Beta 2 allow remote malicious users to execute arbitrary SQL commands via the (1) quiz parameter to (a) num_questions.php, (b) answers.php, (c) high_score.php, (d) high_score_web.php, (e) results_table_web.php, and (f) question...
Glenn Mcgurrin Flash Quiz Beta2
1 EDB exploit
NA
CVE-2009-2109
Multiple directory traversal vulnerabilities in FretsWeb 1.2 allow remote malicious users to read arbitrary files via directory traversal sequences in the (1) language parameter to charts.php and the (2) fretsweb_language cookie parameter to unspecified vectors, possibly related ...
Fretsweb Project Fretsweb 1.2
1 EDB exploit
NA
CVE-2009-2113
Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php.
Fretsweb Project Fretsweb 1.2
1 EDB exploit
NA
CVE-2009-2451
Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote malicious users to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form.
Mim.infinix Infinix
1 EDB exploit
NA
CVE-2009-2573
Multiple SQL injection vulnerabilities in MiniTwitter 0.2 beta, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via the (1) user parameter to (a) index.php and (b) rss.php.
Bioscripts Minitwitter 0.2 Beta
1 EDB exploit
NA
CVE-2009-2608
Multiple SQL injection vulnerabilities in PHP Address Book 4.0.x allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to delete.php or (2) alphabet parameter to index.php. NOTE: the edit.php and view.php vectors are already covered by CVE-2008-2...
Chatelao Php Address Book 4.0.1
Chatelao Php Address Book 4.0.2
1 EDB exploit
NA
CVE-2009-4936
Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-comment_post.php...
Spirate Small Pirate 2.1
1 EDB exploit
NA
CVE-2009-1799
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parame...
Sebastian-thiele St-gallery 0.1 Alpha
1 EDB exploit
NA
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 2.1.1
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 3.4.3
Php-address Book Php-address Book
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 2.6
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 3.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 1.0
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1.4
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4