k1tk4t vulnerabilities and exploits
CVSSv2: 7.5
CVE-2007-4456
SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote malicious users to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in ...
Mambo Mambo
Parkview Consultants Simplefaq 2.11
Parkview Consultants Simplefaq 2.40
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4736
SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Cartkeeper Ckgold Shopping Cart 2.0
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4714
SQL injection vulnerability in error_view.php in Yvora 1.0 allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Yvora Yvora 1.0
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4253
SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263.
Envolution Envolution
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4597
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 allows remote malicious users to execute arbitrary SQL commands via the s[cid] parameter in a search_list action, a different vector than CVE-2007-2549.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4171
SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) allows remote malicious users to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information.
Auracms Modul Forum Sederhana
1 EDB exploit
CVSSv2: 7.5
CVE-2007-4905
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote malicious users to upload and execute arbitrary PHP files via the image parameter, which places a file under files/.
Auracms Auracms 2.1
1 EDB exploit