Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1659
Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote malicious users to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file ...
Intelliants Elitius 1.0
1 EDB exploit
NA
CVE-2008-6715
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
Preprojects Pre Ads Portal
1 EDB exploit
NA
CVE-2008-6718
U&M Software JustBookIt 1.0 does not require administrative authentication for all scripts in the admin/ directory, which allows remote malicious users to have an unspecified impact via a direct request to (1) user_manual.php, (2) user_config.php, (3) user_kundnamn.php, (4) u...
Uochm Justbookit 1.0
1 EDB exploit
NA
CVE-2008-6723
TurnkeyForms Entertainment Portal 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the adminLogged cookie to Administrator.
Turnkeyforms Entertainment Portal 2.0
1 EDB exploit
NA
CVE-2008-6752
adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote malicious users to change the administrator's password and gain privileges via a direct request with mod...
Revou Revou
1 EDB exploit
NA
CVE-2008-5221
The account_save action in admin/userinfo.php in wPortfolio 0.3 and previous versions does not require authentication and does not require knowledge of the original password, which allows remote malicious users to change the admin account password via modified password and passwo...
Wportfolio Wportfolio
Wportfolio Wportfolio 0.2
1 EDB exploit
NA
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote malicious users to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
Turnkeyforms Web Hosting Directory -
1 EDB exploit
NA
CVE-2008-6940
TurnkeyForms Web Hosting Directory stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain a database backup via a direct request to admin/backup/db.
Turnkeyforms Web Hosting Directory -
1 EDB exploit
NA
CVE-2008-6965
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote malicious users to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mai...
Aj Square Aj Auction 2.0
Aj Square Aj Auction Web 2.0
Aj Square Aj Auction 1.0
Aj Square Aj Auction
1 EDB exploit
NA
CVE-2008-7051
AJ Square AJ Article allows remote malicious users to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php...
Ajsquare Aj Article
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »