Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4888
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
Netrisk Netrisk
Netrisk Netrisk 1.9.7
1 EDB exploit
6.8
CVSSv2
CVE-2008-5000
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
Phpx Phpx 3.5.16
1 EDB exploit
7.5
CVSSv2
CVE-2008-5895
SQL injection vulnerability in connection.php in Mediatheka 4.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Mediatheka Mediatheka 4.2
1 EDB exploit
5.1
CVSSv2
CVE-2008-6551
Multiple directory traversal vulnerabilities in e-Vision CMS 2.0.2 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) an adminlang cookie to admin/ind_ex.php; or the module ...
E-vision E-vision Cms
E-vision E-vision Cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6553
microcms-admin-home.php in Implied by Design Micro CMS (Micro-CMS) 3.5 (aka 0.3.5) does not require authentication as an administrator, which allows remote malicious users to (1) create administrative accounts via an add_admin action, (2) remove administrative accounts via a dele...
Impliedbydesign Micro-cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-2876
Directory traversal vulnerability in index.php in mUnky 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the zone parameter.
Munky Munky 0.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-0123
Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote malicious users to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors.
Adn Forum Adn Forum 1.0
Adn Forum Adn Forum 1.0b
1 EDB exploit
7.5
CVSSv2
CVE-2009-0592
Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4...
Pnphpbb Pnphpbb2 1.0
Pnphpbb Pnphpbb2 1.2
Pnphpbb Pnphpbb2 1.2d
Pnphpbb Pnphpbb2 1.2a
Pnphpbb Pnphpbb2
Pnphpbb Pnphpbb2 1.2h
Pnphpbb Pnphpbb2 1.1
Pnphpbb Pnphpbb2 1.2g
Pnphpbb Pnphpbb2 1.1a
Pnphpbb Pnphpbb2 1.2f
Pnphpbb Pnphpbb2 1.2e
1 EDB exploit
7.5
CVSSv2
CVE-2009-0728
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Maxdev My Egallery -
1 EDB exploit
6.8
CVSSv2
CVE-2009-1259
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.
Insanevisions Adaptbb 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »