Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
waraxe vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2009-0672
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
655
VMScore
CVE-2009-0673
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php.
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
605
VMScore
CVE-2009-0674
images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote malicious users to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the err...
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
655
VMScore
CVE-2009-0677
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with...
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
755
VMScore
CVE-2007-2821
SQL injection vulnerability in wp-admin/admin-ajax.php in WordPress prior to 2.2 allows remote malicious users to execute arbitrary SQL commands via the cookie parameter.
Wordpress Wordpress
1 EDB exploit
1 Github repository
760
VMScore
CVE-2008-0382
Multiple eval injection vulnerabilities in MyBB 1.2.10 and previous versions allow remote malicious users to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.
Mybulletinboard Mybulletinboard 1.0
Mybulletinboard Mybulletinboard 1.0.1
Mybulletinboard Mybulletinboard 1.1.3
Mybulletinboard Mybulletinboard 1.1.4
Mybulletinboard Mybulletinboard 1.2.3
Mybulletinboard Mybulletinboard 1.2.5
Mybulletinboard Mybulletinboard 1.0.2
Mybulletinboard Mybulletinboard 1.0.3
Mybulletinboard Mybulletinboard 1.1.5
Mybulletinboard Mybulletinboard 1.1.7
Mybulletinboard Mybulletinboard 1.0.4
Mybulletinboard Mybulletinboard 1.0 Pr2
Mybulletinboard Mybulletinboard 1.1
Mybulletinboard Mybulletinboard 1.1.8
Mybulletinboard Mybulletinboard 1.10
Mybulletinboard Mybulletinboard 1.1.1
Mybulletinboard Mybulletinboard 1.1.2
Mybulletinboard Mybulletinboard 1.2
Mybulletinboard Mybulletinboard 1.2.10
2 EDB exploits
465
VMScore
CVE-2013-3239
phpMyAdmin 3.5.x prior to 3.5.8 and 4.x prior to 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable f...
Phpmyadmin Phpmyadmin 3.5.7
Phpmyadmin Phpmyadmin 3.5.8
Phpmyadmin Phpmyadmin 3.5.2.1
Phpmyadmin Phpmyadmin 3.5.2.2
Phpmyadmin Phpmyadmin 3.5.1.0
Phpmyadmin Phpmyadmin 3.5.6
Phpmyadmin Phpmyadmin 3.5.0.0
Phpmyadmin Phpmyadmin 3.5.5
Phpmyadmin Phpmyadmin 4.0.0
Phpmyadmin Phpmyadmin 3.5.2.0
Phpmyadmin Phpmyadmin 3.5.3.0
Phpmyadmin Phpmyadmin 3.5.4
1 EDB exploit
405
VMScore
CVE-2013-3241
export.php (aka the export script) in phpMyAdmin 4.x prior to 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.
Phpmyadmin Phpmyadmin 4.0.0
1 EDB exploit
755
VMScore
CVE-2012-2226
Invision Power Board prior to 3.3.1 fails to sanitize user-supplied input which could allow remote malicious users to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Invisioncommunity Invision Power Board
1 EDB exploit
655
VMScore
CVE-2013-3240
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x prior to 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.
Phpmyadmin Phpmyadmin 4.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »