Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5272
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, re...
Syndeocms Syndeocms 2.6.0
1 EDB exploit
NA
CVE-2013-1748
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote malicious users to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view.php id vector is already covered by CVE-2008-2565.1 and the edit.php id vec...
Chatelao Php Address Book 8.2.5
1 EDB exploit
NA
CVE-2008-5956
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request to connect.inc.
Phpstreet Webboard 1.0
1 EDB exploit
NA
CVE-2008-2695
Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Phpinv Phpinv 0.8.0
1 EDB exploit
NA
CVE-2008-2855
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Ownrs Ownrs Beta 3
1 EDB exploit
NA
CVE-2008-2897
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Pagesquid Pagesquid Cms 0.3
1 EDB exploit
NA
CVE-2008-2901
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter...
Haudenschilt Family Connections Cms 1.4
1 EDB exploit
NA
CVE-2008-2907
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the eml parameter.
Webchamado Webchamado 1.1
1 EDB exploit
NA
CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Myblog Myblog
1 EDB exploit
NA
CVE-2008-2963
Multiple SQL injection vulnerabilities in MyBlog allow remote malicious users to execute arbitrary SQL commands via the (1) view parameter to (a) index.php, and the (2) id parameter to (b) member.php and (c) post.php.
Myblog Myblog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »