Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4591
Multiple cross-site scripting (XSS) vulnerabilities in admin/include/isadmin.inc.php in PhpWebGallery 1.3.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) lang[access_forbiden] and (2) lang[ident_title] parameters.
Phpwebgallery Phpwebgallery 1.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-4702
Multiple directory traversal vulnerabilities in PhpWebGallery 1.3.4 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) user[language] and (2) user[template] parameters to (a) init.inc.php, and (b) the user[language] parameter t...
Phpwebgallery Phpwebgallery 1.3.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-6353
SQL injection vulnerability in index.asp in ASP-CMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the cha parameter.
Asp-cms Asp-cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6990
SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote malicious users to execute arbitrary SQL commands via the password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa...
Ezphotogallery Ezphotogallery 2.1
1 EDB exploit
6
CVSSv2
CVE-2009-0831
SQL injection vulnerability in members.php in the Members CV (job) module 1.0 for PHP-Fusion, when magic_quotes_gpc is disabled, allows remote authenticated users to execute arbitrary SQL commands via the sortby parameter.
Php-fusion Members Cv Module 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-3405
Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the action_file parameter.
Nazgulled Nzfotolog 0.4.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-0325
SQL injection vulnerability in show.php in FaScript FaPersian Petition allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Fapersian Petition
1 EDB exploit
7.5
CVSSv2
CVE-2008-0326
SQL injection vulnerability in class/show.php in FaScript FaPersianHack 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter to show.php.
Fascript Fapersianhack 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-0327
SQL injection vulnerability in show.php in FaScript FaMp3 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Famp3 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-0328
SQL injection vulnerability in page.php in FaScript FaName 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Faname 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »