Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh underground vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3133
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Barenuked Barenuked Cms 1.1.0
1 EDB exploit
NA
CVE-2008-3181
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
Content Now Content Now 1.4.1
1 EDB exploit
NA
CVE-2008-3191
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile acti...
Marcioforum Mforum 0.1a
1 EDB exploit
NA
CVE-2008-3200
SQL injection vulnerability in vlc_forum.php in Avlc Forum as of 20080715 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an affich_message action.
Easy-script Avlc Forum
1 EDB exploit
NA
CVE-2008-4713
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote malicious users to execute arbitrary SQL commands via the qID parameter.
212cafe 212cafeboard 0.07
1 EDB exploit
NA
CVE-2008-6911
SQL injection vulnerability in the authenticateUser function in includes/authentication.inc.php in BrewBlogger (BB) 2.1.0.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the loginUsername parameter to includes/logincheck.i...
Brewblogger Brewblogger 2.1.0.1
1 EDB exploit
NA
CVE-2008-5586
SQL injection vulnerability in findoffice.php in Check Up New Generation (aka Check New) 4.52, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the search parameter.
Check Up Check New 4.52
1 EDB exploit
NA
CVE-2008-5628
SQL injection vulnerability in index.php in CMS little 0.0.1 allows remote malicious users to execute arbitrary SQL commands via the term parameter.
Little Cms Little Cms 0.0.1
1 EDB exploit
NA
CVE-2008-5954
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the lname parameter in a login action to an unspecified component. NOTE: the provenance of this infor...
Ktp Computer Customer Database Ktp Computer Customer Database Nil
1 EDB exploit
NA
CVE-2008-5956
Wbstreet (aka PHPSTREET Webboard) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request to connect.inc.
Phpstreet Webboard 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »