Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6248
Cross-site scripting (XSS) vulnerability in all.php in Galatolo WebManager 1.3a and previous versions allows remote malicious users to inject arbitrary web script or HTML via the tag parameter.
Galatolo Galatolo Webmanager 1.3a
1 EDB exploit
NA
CVE-2008-6257
SQL injection vulnerability in default.asp in Openasp 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idpage parameter in the pages module.
Openasp Openasp 3.0
1 EDB exploit
NA
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and previous versions for PunBB allow remote malicious users to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) heade...
Punbb Private Messaging System 1.2.2
Punbb Private Messaging System
Punbb Private Messaging System 1.2.1
Punbb Private Messaging System 1.2.0
1 EDB exploit
9.8
CVSSv3
CVE-2009-1936
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PH...
Cpcommerce Project Cpcommerce
1 EDB exploit
NA
CVE-2008-6727
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and previous versions 2.x versions allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Myupb Upb 2.2.2
Myupb Upb 2.2.1
Myupb Upb 2.1.1b
Myupb Upb 2.0
1 EDB exploit
NA
CVE-2008-4523
SQL injection vulnerability in login.php in IP Reg 0.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user_name parameter.
Ip Reg Ip Reg 0.1
Ip Reg Ip Reg
Ip Reg Ip Reg 0.2
Ip Reg Ip Reg 0.3
1 EDB exploit
NA
CVE-2008-4675
SQL injection vulnerability in index.php in PHPcounter 1.3.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Phpcounter Phpcounter 1.3.1
Phpcounter Phpcounter 1.3.0
Phpcounter Phpcounter 1.2.1
Phpcounter Phpcounter 1.2.0
Phpcounter Phpcounter 1.2.5
Phpcounter Phpcounter 1.2.4
Phpcounter Phpcounter 1.2.3
Phpcounter Phpcounter 1.2.2
Phpcounter Phpcounter 1.2.7
Phpcounter Phpcounter 1.2.6
Phpcounter Phpcounter
1 EDB exploit
NA
CVE-2008-4700
SQL injection vulnerability in admin.php in Libera CMS 1.12 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the libera_staff_pass cookie parameter.
Liberiacms Liberia Cms
Liberiacms Liberia Cms 1.00
Liberiacms Liberia Cms 1.11
Liberiacms Liberia Cms 1.10
1 EDB exploit
NA
CVE-2008-4701
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the libera_staff_user cookie parameter, a different vector than CVE-2008-4700. NOTE: the provenance of this informat...
Liberiacms Liberia Cms 1.00
Liberiacms Liberia Cms 1.11
Liberiacms Liberia Cms 1.10
Liberiacms Liberia Cms
1 EDB exploit
NA
CVE-2008-5873
Yerba SACphp 6.3 and previous versions allows remote malicious users to bypass authentication and gain administrative access via a galleta[sesion] cookie that has a value beginning with 1:1: followed by a username.
Yerba Yerba 6.28
Yerba Yerba
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »