Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2699
Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in (1) the plugin parameter to admin/plugins.php or (2) the com parameter to index.php.
Gwm Galatolo Webmanager 1.0
1 EDB exploit
NA
CVE-2008-6727
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and previous versions 2.x versions allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Myupb Upb 2.2.2
Myupb Upb 2.2.1
Myupb Upb 2.1.1b
Myupb Upb 2.0
1 EDB exploit
NA
CVE-2008-6777
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the...
Myphp Myphp Forum 1.0
Myphp Myphp Forum 2.0
Myphp Myphp Forum
1 EDB exploit
NA
CVE-2008-6805
Multiple SQL injection vulnerabilities in Mic_Blog 0.0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) cat parameter to category.php, the (2) user parameter to login.php, and the (3) site parameter to register.php.
Micgr Mic Blog 0.0.3
1 EDB exploit
NA
CVE-2008-6907
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated b...
2532gigs 2532gigs 1.2.2
1 EDB exploit
NA
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote malicious users to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
NA
CVE-2008-5323
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
NA
CVE-2008-3031
Directory traversal vulnerability in index.php in Simple PHP Agenda 2.2.4 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Simple Php Agenda Simple Php Agenda 2.2.0
Simple Php Agenda Simple Php Agenda 2.2.1
Simple Php Agenda Simple Php Agenda 2.0.0
Simple Php Agenda Simple Php Agenda 2.1.0
Simple Php Agenda Simple Php Agenda 2.2.2
Simple Php Agenda Simple Php Agenda 2.2.3
Simple Php Agenda Simple Php Agenda
1 EDB exploit
NA
CVE-2008-6248
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to inject arbitrary web script or HTML via the tag parameter.
Galatolo Galatolo Webmanager 1.3a
1 EDB exploit
NA
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »