Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
laurent gaffie vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3394
Multiple SQL injection vulnerabilities in eNdonesia 8.4 allow remote malicious users to execute arbitrary SQL commands via the (1) artid parameter to mod.php in a viewarticle action (publisher mod) and the (2) bid parameter to banners.php in a click action. NOTE: the mod.php view...
Endonesia Endonesia 8.4
2 EDB exploits
NA
CVE-2007-3000
Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote malicious users to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to G_Display.php or (2) the iSearchID parameter to Search/DisplayResults.php.
Php Jackknife Php Jackknife 2.21
2 EDB exploits
NA
CVE-2006-6082
Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote malicious users to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp.
Creascripts Creadirectory 1.2
2 EDB exploits
NA
CVE-2006-6094
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote malicious users to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_s...
Dotnetindex Active News Manager
2 EDB exploits
NA
CVE-2006-6095
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote malicious users to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the activeNews_categories.asp and activeNews_comments...
Dotnetindex Active News Manager
2 EDB exploits
NA
CVE-2006-6109
Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote malicious users to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp.
Candypress Candypress Store 3.5.2.14
2 EDB exploits
NA
CVE-2006-6147
Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote malicious users to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.
Jiros Links Manager 1.0
2 EDB exploits
NA
CVE-2006-6152
Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote malicious users to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp.
Vspin.net Classified System 2004
2 EDB exploits
NA
CVE-2006-6153
Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote malicious users to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp.
Vspin.net Classified System 2004
2 EDB exploits
NA
CVE-2007-0820
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote malicious users to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of ...
Cedric Claire Portailphp 2
4 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »