Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-4941
SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the PlayerID parameter in a player save action to index.php.
Joomlamo Com Teams 1 1028 100809 1711
1 EDB exploit
7.5
CVSSv2
CVE-2009-3664
Multiple directory traversal vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to include or execute arbitrary files via a .. (dot dot) in the (1) p and (2) s parameters.
Nullam Nullam Blog 0.1.2
1 EDB exploit
4.3
CVSSv2
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-5751
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote malicious users to execute arbitrary SQL commands via the id parameter in a directory action.
Alstrasoft Web Email Script Enterprise Nil
2 EDB exploits
7.5
CVSSv2
CVE-2008-6242
SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote malicious users to execute arbitrary SQL commands via the where parameter.
Scripts-for-sites Ez E-store -
2 EDB exploits
6.8
CVSSv2
CVE-2009-0730
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, ...
Gigcalendar Com Gigcalendar 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Iscripts Reservelogic 1.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4