Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
6
CVSSv2
CVE-2008-6726
Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-34...
Cmscout Cmscout 2.06
1 EDB exploit
6
CVSSv2
CVE-2008-6905
Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
10
CVSSv2
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
4.3
CVSSv2
CVE-2009-1367
Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a.
Mozilo Mozilocms 1.11
1 EDB exploit
7.5
CVSSv2
CVE-2009-1368
Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3.
Mozilo Mozilocms 1.11
1 EDB exploit
6.8
CVSSv2
CVE-2009-1406
Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the include parameter.
Sweetphp Totalcalendar 2.4
1 EDB exploit
4.3
CVSSv2
CVE-2009-1951
Cross-site scripting (XSS) vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote malicious users to inject arbitrary web script or HTML via the pl parameter in a mi action.
Propertymaxpro Propertymax Pro Free 0.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-2096
SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote malicious users to execute arbitrary SQL commands via the itemnr parameter.
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
7.6
CVSSv2
CVE-2009-2110
Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php.
Jnmsolutions Db Top Sites 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »