Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4591
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
Phpwebgallery Phpwebgallery 1.3.4
1 EDB exploit
NA
CVE-2008-4702
Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) user[language] and (2) user[template] parameters to (a) init.inc.php, and (b) the user[language] parameter t...
Phpwebgallery Phpwebgallery 1.3.4
1 EDB exploit
NA
CVE-2008-6353
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the cha parameter.
Asp-cms Asp-cms 1.0
1 EDB exploit
NA
CVE-2008-6990
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote malicious users to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
Ezphotogallery Ezphotogallery 2.1
1 EDB exploit
NA
CVE-2009-0831
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
Php-fusion Members Cv Module 1.0
1 EDB exploit
NA
CVE-2008-3405
Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the action_file parameter.
Nazgulled Nzfotolog 0.4.1
1 EDB exploit
NA
CVE-2008-0325
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Fapersian Petition
1 EDB exploit
NA
CVE-2008-0326
SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter to show.php.
Fascript Fapersianhack 1.0
1 EDB exploit
NA
CVE-2008-0327
SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Famp3 1.0
1 EDB exploit
NA
CVE-2008-0328
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Faname 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »