Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2008-3133
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Barenuked Barenuked Cms 1.1.0
1 EDB exploit
755
VMScore
CVE-2008-3200
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an affich_message action.
Easy-script Avlc Forum
1 EDB exploit
435
VMScore
CVE-2008-2046
Cross-site scripting (XSS) vulnerability in index.php in Softpedia SiteXS CMS 0.1.1 Pre-Alpha allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
Softpedia Sitexs Cms 0.1.1
1 EDB exploit
405
VMScore
CVE-2008-5272
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, re...
Syndeocms Syndeocms 2.6.0
1 EDB exploit
435
VMScore
CVE-2008-5639
Directory traversal vulnerability in index.php in TxtBlog 1.0 Alpha allows remote malicious users to read arbitrary files via a .. (dot dot) in the m parameter.
Txtblogcms Txtblog 1.0
1 EDB exploit
685
VMScore
CVE-2008-6665
change.php in Ananta CMS 1.0b5, with magic_quotes_gpc disabled, allows remote malicious users to gain administrator privileges via a crafted email parameter, possibly related to code injection.
Anantasoft Ananta Cms 1.0b5
1 EDB exploit
435
VMScore
CVE-2008-5271
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote malicious users to inject arbitrary web script or HTML via the section parameter.
Syndeocms Syndeocms 2.6.0
1 EDB exploit
685
VMScore
CVE-2008-5636
SQL injection vulnerability in cate.php in Lito Lite CMS, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Lovedesigner Lito Lite Cms Nil
1 EDB exploit
435
VMScore
CVE-2008-2398
Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the appservlang parameter.
Appserv Open Project Appserv 1.4.0
Appserv Open Project Appserv 1.5.0
Appserv Open Project Appserv 2.2.0
Appserv Open Project Appserv 2.3.0
Appserv Open Project Appserv 2.4.5
Appserv Open Project Appserv 2.4.6
Appserv Open Project Appserv 2.5.4
Appserv Open Project Appserv 2.5.4a
Appserv Open Project Appserv 1.8.0
Appserv Open Project Appserv 1.9.0
Appserv Open Project Appserv 2.4.2
Appserv Open Project Appserv 2.4.3
Appserv Open Project Appserv 2.4.9
Appserv Open Project Appserv 2.5
Appserv Open Project Appserv 2.5.1
Appserv Open Project Appserv 2.5.7
Appserv Open Project Appserv 2.5.8
Appserv Open Project Appserv 1.6.0
Appserv Open Project Appserv 1.7.0
Appserv Open Project Appserv 2.4
Appserv Open Project Appserv 2.4.1
Appserv Open Project Appserv 2.4.7
1 EDB exploit
435
VMScore
CVE-2008-2458
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the st parameter.
4shared Starsgames Control Panel
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »