Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4792
SQL injection vulnerability in includes/content/member_content.php in BandSite CMS 1.1.4 allows remote malicious users to execute arbitrary SQL commands via the memid parameter to members.php.
Karl Core Bandsite Cms 1.1.4
1 EDB exploit
NA
CVE-2009-4836
Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote malicious users to execute arbitrary PHP code via the anticode parameter.
Moviephp Movie Php Script 2.0
1 EDB exploit
NA
CVE-2009-2921
Multiple SQL injection vulnerabilities in login.php in MOC Designs PHP News 1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) newsuser parameter (User field) and (2) newspassword parameter (Password field).
Mocdesigns Php News 1.1
1 EDB exploit
NA
CVE-2008-6905
Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
NA
CVE-2008-6010
Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.php; or the (4) action or (5) folder parameter in a security request to admin...
Sg Real Estate Portal Sg Real Estate Portal 2.0
1 EDB exploit
NA
CVE-2009-3158
admin/files.php in simplePHPWeb 0.2 does not require authentication, which allows remote malicious users to perform unspecified administrative actions via unknown vectors. NOTE: some of these details are obtained from third party information.
Carsten Wulff Simplephpweb 0.2
1 EDB exploit
NA
CVE-2009-3216
Multiple directory traversal vulnerabilities in iWiccle 1.01, when magic_quotes_gpc is disabled, allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the show parameter to the admin module, reachable through index.php; or (2) the module parameter to inde...
Wiccle Iwiccle 1.01
1 EDB exploit
9.8
CVSSv3
CVE-2009-3421
login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
Zenas Pao-bacheca Guestbook 2.1
1 EDB exploit
NA
CVE-2009-3422
login.php in Zenas PaoLiber 1.1, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
Zenas Paoliber 1.1
1 EDB exploit
NA
CVE-2009-3506
Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote malicious users to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name parameter to modules.php.
Jean-michel Wyttenbach Cmsphp 0.21
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »