Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
imei vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-4419
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote malicious users to guess the cookie and access the Admin area.
Olate Olatedownload 3.4.1
1 EDB exploit
4.3
CVSSv2
CVE-2006-0470
Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote malicious users to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection.
Mybulletinboard Mybulletinboard 1.0 Final
Mybulletinboard Mybulletinboard 1.0 Rc4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0 Rc2
Mybulletinboard Mybulletinboard 1.0 Preview Release 2
1 EDB exploit
4.3
CVSSv2
CVE-2006-0885
Cross-site scripting (XSS) vulnerability in show_news.php in CuteNews 1.4.1 allows remote malicious users to inject arbitrary web script or HTML via the show parameter.
Cutephp Cutenews 1.4.1
1 EDB exploit
5
CVSSv2
CVE-2006-1909
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote malicious users to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences...
Coppermine Coppermine Photo Gallery 1.4.4
1 EDB exploit
6.8
CVSSv2
CVE-2006-4273
Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote malicious users to inject arbitrary web script or HTML by uploading an attachment with a .pdf extension that contains JavaScript, which is processed as script by Microsoft Internet Explore...
Jelsoft Vbulletin 3.5.4
Jelsoft Vbulletin 3.6.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-1040
Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote malicious users to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.
Jelsoft Vbulletin 3.5.3
Jelsoft Vbulletin 3.0.12
1 EDB exploit
5.8
CVSSv2
CVE-2006-1912
MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote malicious users to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site...
Mybulletinboard Mybulletinboard 1.10
1 EDB exploit
7.5
CVSSv2
CVE-2006-0372
Multiple SQL injection vulnerabilities in config.php in Insane Visions BlogPHP, possibly 1.0, allow remote malicious users to execute arbitrary SQL commands via the (1) blogphp_username or (2) blogphp_password parameter in a cookie.
Insane Visions Blogphp 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4