Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bugreport.ir vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2681
Realm CMS 2.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to _db/compact.asp, which reveals the database path in an error message.
Realm Project Realm Cms
1 EDB exploit
NA
CVE-2008-2861
Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and the (3) id and (4) txtEmail parameter...
Elinestudio Site Composer
Elinestudio Site Composer 2.5
1 EDB exploit
NA
CVE-2008-2862
Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp.
Elinestudio Site Composer
1 EDB exploit
NA
CVE-2008-2864
eLineStudio Site Composer (ESC) 2.6 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) trigger.asp or (2) common2.asp in cms/include/, which reveals the database path.
Elinestudio Site Composer
Elinestudio Site Composer 2.5
1 EDB exploit
NA
CVE-2008-2967
Multiple cross-site scripting (XSS) vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to login.php and the (2) glb_sid parameter to hta/htmlare...
Yektaweb Academic Web Tools
1 EDB exploit
NA
CVE-2008-2968
SQL injection vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the book_id parameter.
Yektaweb Academic Web Tools
1 EDB exploit
NA
CVE-2008-2969
Directory traversal vulnerability in download.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allows remote malicious users to read arbitrary files via a .. (dot dot) in the dfile parameter.
Yektaweb Academic Web Tools 1.4.3.1
Yektaweb Academic Web Tools
1 EDB exploit
NA
CVE-2008-2970
Multiple session fixation vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and previous versions, allow remote malicious users to hijack web sessions by setting the PHPSESSID parameter to (1) index.php and (2) login.php in homepg/.
Yektaweb Academic Web Tools
1 EDB exploit
NA
CVE-2007-6078
Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) nc_top.asp; (2) inc_bookmarks.asp, possibly involving a parameter passed from cp_main.asp; (3) inc_profile_functions.asp; or (4...
Skyportal Skyportal Rc6
1 EDB exploit
NA
CVE-2008-1895
Multiple SQL injection vulnerabilities in Carbon Communities 2.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) ID parameter to events.asp, the (2) UserName parameter to getpassword.asp, and possibly an unspecified parameter to (3...
Carboncommunities Carbon Communities 2.3
Carboncommunities Carbon Communities 1.0
Carboncommunities Carbon Communities
Carboncommunities Carbon Communities 1.1
Carboncommunities Carbon Communities 2.1
Carboncommunities Carbon Communities 2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »