Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
laurent gaffie vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6204
Multiple SQL injection vulnerabilities in Enthrallweb eHomes allow remote malicious users to execute arbitrary SQL commands via the (1) cid parameter to (a) dircat.asp; the (2) sid parameter to (b) dirSub.asp; the (3) TYPE_ID parameter to (c) types.asp; the (4) AD_ID parameter to...
Enthrallweb Ehomes
4 EDB exploits
NA
CVE-2010-2550
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote malicious users to execute arbitrary code via a cr...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
1 EDB exploit
1 Nmap script
NA
CVE-2006-5846
Directory traversal vulnerability in index.php in FreeWebshop 2.2.2 and previous versions allows remote malicious users to read and include arbitrary files via a .. (dot dot) in the page parameter, a different vector than CVE-2006-5773.
Freewebshop Freewebshop
1 EDB exploit
6.1
CVSSv3
CVE-2006-5847
Cross-site scripting (XSS) vulnerability in index.php in FreeWebshop 2.2.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the cat parameter.
Freewebshop Freewebshop
1 EDB exploit
NA
CVE-2006-5914
SQL injection vulnerability in ls.php in SAMEDIA LandShop allows remote malicious users to execute arbitrary SQL commands via the infield parameter. NOTE: the start, search_order, search_type, and search_area parameters are already covered by CVE-2005-4018.
Samedia Landshop
1 EDB exploit
NA
CVE-2006-5943
Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote malicious users to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter.
Website Designs For Less Inventory Manager
1 EDB exploit
NA
CVE-2006-5944
Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Mginternet Car Site Manager
1 EDB exploit
NA
CVE-2006-5915
Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMEDIA LandShop allow remote malicious users to inject arbitrary web script or HTML via the (1) start, (2) CAT_ID, (3) keyword, (4) search_area, (5) search_type, (6) infield, or (7) search_order parameter.
Samedia Landshop
1 EDB exploit
NA
CVE-2006-6022
Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Bestwebapp Bestwebapp Dating Site
1 EDB exploit
NA
CVE-2006-6083
SQL injection vulnerability in search.asp in CreaScripts Creadirectory allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Creascripts Creadirectory 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »