Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t0pp8uzz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2348
MeltingIce File System 1.0 allows remote malicious users to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php.
Meltingicefs Meltingice File System 1.0
1 EDB exploit
NA
CVE-2008-1772
iScripts SocialWare stores passwords in cleartext in a database, which allows context-dependent malicious users to obtain sensitive information.
Iscripts Socialware
1 EDB exploit
NA
CVE-2008-1783
Prozilla Reviews 1.0 allows remote malicious users to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.
Prozilla Reviews 1.0
1 EDB exploit
NA
CVE-2008-1791
SQL injection vulnerability in ladder.php in My Gaming Ladder 7.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ladderid parameter.
Mygamingladder Mygamingladder
1 EDB exploit
NA
CVE-2008-1864
SQL injection vulnerability in project.php in Prozilla Freelancers allows remote malicious users to execute arbitrary SQL commands via the project parameter.
Prozilla Prozilla Freelancers
1 EDB exploit
NA
CVE-2008-1870
SQL injection vulnerability in getdata.php in PIGMy-SQL 1.4.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geek247 Pigmy-sql
Geek247 Pigmy-sql 1.4
1 EDB exploit
NA
CVE-2008-1904
Cicoandcico CcMail 1.0.1 and previous versions does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote malicious users to obtain access to the "admin area" via a modified this_cookie cookie.
Cicoandcico Ccmail 1.0
Cicoandcico Ccmail
1 EDB exploit
NA
CVE-2008-6523
auth.php in openInvoice 0.90 beta and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for arbitrary users.
Cale Dunlap Openinvoice 0.90
1 EDB exploit
NA
CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and previous versions allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication...
Cale Dunlap Openinvoice
1 EDB exploit
NA
CVE-2008-6806
Unrestricted file upload vulnerability in includes/imageupload.php in 7Shop 1.1 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/artikel/.
7-shop 7shop
7-shop 7shop 1.0
7-shop 7shop 0.9 Beta
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »