Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injector5 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-7080
Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request for admin/backup/datadump.sql.
Phpclassifiedsscript Php Classifieds Script
1 EDB exploit
5
CVSSv2
CVE-2008-7117
eledicss.php in WeBid auction script 0.5.4 allows remote malicious users to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting (XSS) attacks.
Webidsupport Webid 0.5.4
1 EDB exploit
6.5
CVSSv2
CVE-2008-6518
Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote authenticated users to execute arbitrary code by uploading a PHP file as an Avatar, then accessing the avatar via a direct request.
Vidiscript Vidiscript -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6608
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) ...
Developiteasy Events Calendar 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6656
Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.
Openautoclassifieds Open Auto Classifieds 1.4.3b
1 EDB exploit
7.5
CVSSv2
CVE-2008-4373
SQL injection vulnerability in job_seeker/applynow.php in AvailScript Job Portal Script allows remote malicious users to execute arbitrary SQL commands via the jid parameter.
Availscript Availscript Jobs Portal Script
1 EDB exploit
7.5
CVSSv2
CVE-2008-6003
SQL injection vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 allows remote malicious users to execute arbitrary SQL commands via the seller_id parameter.
Aj Square Aj Auction 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6050
SQL injection vulnerability in the Tech Articles (com_tech_article) 1.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the item parameter to index.php.
Ircmaxell Tech Article 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-5131
Multiple SQL injection vulnerabilities in Develop It Easy News And Article System 1.4 allow remote malicious users to execute arbitrary SQL commands via (1) the aid parameter to article_details.php, and the (2) username and (3) password to the admin panel (admin/index.php).
Develop It Easy News And Article System 1.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-5166
SQL injection vulnerability in riddle.php in Riddles Website 1.2.1 allows remote malicious users to execute arbitrary SQL commands via the riddleid parameter.
Easysitenetwork Riddles Website 1.2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »