Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zorlu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1504
Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote malicious users to inject arbitrary web script or HTML via the Lang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party ...
Phpheaven Phpmychat 0.14.5
1 EDB exploit
NA
CVE-2008-4767
Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote malicious users to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of...
Php-nuke Downloadsplus Module
1 EDB exploit
NA
CVE-2008-4803
Cross-site scripting (XSS) vulnerability in index.php in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 allows remote malicious users to inject arbitrary web script or HTML via the gallery parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...
Simple Php Scripts Gallery 0.3
Simple Php Scripts Gallery 0.1
Simple Php Scripts Gallery 0.4
1 EDB exploit
NA
CVE-2008-1983
Cross-site scripting (XSS) vulnerability in Advanced Electron Forum (AEF) 1.0.6 allows remote malicious users to inject arbitrary web script or HTML via the beg parameter in a members action to index.php.
Anelectron Advanced Electron Forum 1.0.6
1 EDB exploit
NA
CVE-2008-7076
Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile photo, then accessing it via a direct request to...
Kalptaru Infotech Stararticles 6.0
1 EDB exploit
NA
CVE-2009-0109
SQL injection vulnerability in index.php in RiotPix 0.61 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
Riotpix Riotpix
Riotpix Riotpix 0.60
Riotpix Riotpix 0.52
Riotpix Riotpix 0.51
Riotpix Riotpix .05
Riotpix Riotpix 0.5
1 EDB exploit
NA
CVE-2010-4856
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote malicious users to execute arbitrary SQL commands via the tarih parameter.
Aspindir Xweblog 2.2
1 EDB exploit
NA
CVE-2008-5486
SQL injection vulnerability in admin.php in TurnkeyForms Text Link Sales allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Turnkeyforms Text Link Sales
1 EDB exploit
NA
CVE-2008-5600
Merlix Teamworx Server stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for teamworx.mdb.
Merlix Teamworx Server Nil
1 EDB exploit
NA
CVE-2008-5603
ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for news.mdb.
Aspapps Aspticker 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »