Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
t0pp8uzz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5213
SQL injection vulnerability in featured_article.php in AJ Article 1.0 allows remote malicious users to execute arbitrary SQL commands via the artid parameter in a search detail action.
Aj Square Aj Article 1.0
1 EDB exploit
NA
CVE-2007-4054
SQL injection vulnerability in category.php in PHP123 Top Sites allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Php123 Top Sites
1 EDB exploit
NA
CVE-2008-6081
SQL injection vulnerability in contact.php in Simple Customer 1.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Simplecustomer Simple Customer 1.2
1 EDB exploit
NA
CVE-2008-6199
2532designs 2532|Gigs 1.2.2 and previous versions allows remote malicious users to trigger a backup and obtain sensitive information via a direct request to backup.php, which creates backup.sql under the web root with insufficient access control.
2532gigs 2532gigs 1.2.1
2532gigs 2532gigs
1 EDB exploit
NA
CVE-2008-6209
SQL injection vulnerability in view_product.php in Vastal I-Tech Software Zone allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter.
Vastal Software Zone -
1 EDB exploit
NA
CVE-2008-6524
resetpass.php in openInvoice 0.90 beta and previous versions allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication...
Cale Dunlap Openinvoice
1 EDB exploit
NA
CVE-2008-6714
admin.php in xeCMS 1.0.0 RC2 and previous versions allows remote malicious users to bypass authentication and access the admin panel by setting the xecms_username cookie.
Xecms Project Xecms 1.0.0
1 EDB exploit
NA
CVE-2007-6392
SQL injection vulnerability in DWdirectory 2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the search parameter to the /search URI.
Dominion Web Dwdirectory
1 EDB exploit
NA
CVE-2007-6462
SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Php Real Estate Classifieds Php Real Estate Classifieds Premium Plus
1 EDB exploit
NA
CVE-2008-2857
AlstraSoft AskMe Pro 2.1 and previous versions stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information.
Alstrasoft Askme
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »