Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-0383
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote malicious users to delete arbitrary blog posts via a direct request.
Mzbservices Max.blog 1.0.6
1 EDB exploit
NA
CVE-2008-7057
Cross-site scripting (XSS) vulnerability in merchandise.php in BandSite CMS 1.1.4 allows remote malicious users to inject arbitrary HTML or web script via the type parameter.
Grayscalecms Bandsite Cms 1.1.4
1 EDB exploit
NA
CVE-2009-0570
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these ...
Ninjadesigns Mailist 3.0
1 EDB exploit
NA
CVE-2009-2096
SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote malicious users to execute arbitrary SQL commands via the itemnr parameter.
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
NA
CVE-2009-2110
Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php.
Jnmsolutions Db Top Sites 1.0
1 EDB exploit
NA
CVE-2009-2124
Directory traversal vulnerability in page.php in Elvin 1.2.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2123
Multiple SQL injection vulnerabilities in Elvin 1.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) inUser (aka Username) and (2) inPass (aka Password) parameters to (a) inc/login.ei, reachable through login.php; and the (3) id parameter to (b) show_b...
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2127
Cross-site scripting (XSS) vulnerability in show_activity.php in Elvin 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
NA
CVE-2009-2129
Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote malicious users to hijack the authentication of arbitrary users via a logout action.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »