Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0049
Geckovich TaskTracker Pro 1.5 and previous versions allows remote malicious users to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.
Geckovich Tasktracker 1.4
Geckovich Tasktracker Pro
1 EDB exploit
NA
CVE-2007-0092
SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 allows remote malicious users to execute arbitrary SQL commands via the product_id parameter.
E-smart Cart E-smart Cart 1.0
1 EDB exploit
NA
CVE-2007-0128
SQL injection vulnerability in info_book.asp in Digirez 3.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the book_id parameter.
Digiappz Digirez
1 EDB exploit
NA
CVE-2007-0129
SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the subcatID parameter.
Locazo Locazolist Classifieds
1 EDB exploit
NA
CVE-2007-0144
Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated malicious users to inject arbitrary web script or HTML via the ordernum parameter.
Digitizing Quote And Ordering System Digitizing Quote And Ordering System 1.0
1 EDB exploit
NA
CVE-2007-1805
SQL injection vulnerability in genre.php in the debaser 0.92 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the genreid parameter.
Myxoops Debaser
1 EDB exploit
NA
CVE-2007-1806
SQL injection vulnerability in categos.php in the RM+Soft Gallery (rmgallery) 1.0 module for Xoops allows remote malicious users to execute arbitrary SQL commands via the idcat parameter.
Red Mexico Rm\\+soft Gallery 1.0
1 EDB exploit
NA
CVE-2007-1807
SQL injection vulnerability in modules/myalbum/viewcat.php in the myAlbum-P 2.0 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Peak Xoops Myalbum P
1 EDB exploit
NA
CVE-2007-1808
SQL injection vulnerability in show.php in the Camportail 1.1 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the camid parameter in a showcam action.
Camportail Camportail
1 EDB exploit
NA
CVE-2007-1810
SQL injection vulnerability in product_details.php in the Kshop 1.17 and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Kaotik Kshop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »