Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5219
The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and previous versions does not check for administrative authentication and does not require knowledge of the original password, which allows remote malicious users to change the admin account password via modified...
Videoscript Videoscript
1 EDB exploit
NA
CVE-2009-1659
Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote malicious users to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file ...
Intelliants Elitius 1.0
1 EDB exploit
NA
CVE-2006-6819
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a backup database via a direct request for admin/backup/db.
Alstrasoft Webhost Directory
1 EDB exploit
NA
CVE-2008-5565
Cross-site request forgery (CSRF) vulnerability in admin/settings.php in DL PayCart 1.34 and previous versions allows remote malicious users to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters.
Dinkumsoft Dl Paycart 1.01
Dinkumsoft Dl Paycart
1 EDB exploit
NA
CVE-2008-5651
SQL injection vulnerability in plugins/bookmarker/bookmarker_backend.php in MyioSoft EasyBookMarker 4.0 allows remote malicious users to execute arbitrary SQL commands via the Parent parameter.
Myiosoft Easybookmarker 4.0
1 EDB exploit
NA
CVE-2008-7044
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to execute arbitrary SQL commands via the ques parameter.
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2009-2003
Ascad Networks Password Protector SD 1.3.1 allows remote malicious users to bypass authentication and gain administrative access by setting the (1) c7portal and (2) cookname cookies to "admin."
Ascadnetworks Password Protector Sd 1.3.1
2 EDB exploits
NA
CVE-2008-5650
SQL injection vulnerability in the login directory in AlstraSoft Web Host Directory allows remote malicious users to execute arbitrary SQL commands via the pwd parameter.
Alstrasoft Webhost Directory Nil
2 EDB exploits
NA
CVE-2008-5655
Multiple SQL injection vulnerabilities in MyioSoft EasyBookMarker 4.0 allow remote malicious users to execute arbitrary SQL commands via the (1) delete_folder and (2) delete_link parameters to unspecified vectors, possibly to (a) plugins/bookmarker/bookmarker_backend.php or (b) a...
Myiosoft Easybookmarker 4.0
2 EDB exploits
NA
CVE-2009-1642
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote malicious users to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also s...
Mini-stream Mini-stream To Mp3 Converter 3.0.0.7
6 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »