Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imei vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1912
MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote malicious users to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site...
Mybulletinboard Mybulletinboard 1.10
1 EDB exploit
NA
CVE-2006-0372
Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow remote malicious users to execute arbitrary SQL commands via the (1) blogphp_username or (2) blogphp_password parameter in a cookie.
Insane Visions Blogphp 1.0
1 EDB exploit
NA
CVE-2006-0885
Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via the show parameter.
Cutephp Cutenews 1.4.1
1 EDB exploit
NA
CVE-2006-1040
Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote malicious users to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.
Jelsoft Vbulletin 3.0.12
Jelsoft Vbulletin 3.5.3
1 EDB exploit
NA
CVE-2006-0733
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote malicious users to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author's website" field. NOTE: followup comments to the researcher&...
Wordpress Wordpress 2.0
1 EDB exploit
NA
CVE-2006-4273
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote malicious users to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explore...
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.6.0
1 EDB exploit
NA
CVE-2007-4419
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote malicious users to guess the cookie and access the Admin area.
Olate Olatedownload 3.4.1
1 EDB exploit
NA
CVE-2006-0470
Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote malicious users to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection.
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Final
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4