Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1651
Directory traversal vulnerability in admin/login.php in EasyNews 4.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Myiosoft Easynews 4.0tr
1 EDB exploit
NA
CVE-2008-1714
SQL injection vulnerability in show.php in FaScript FaPhoto 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Fascript Faphoto 1.0
1 EDB exploit
NA
CVE-2008-2187
Cross-site scripting (XSS) vulnerability in mjguest.php in Mjguest 6.7 GT Rev.01 allows remote malicious users to inject arbitrary web script or HTML via the level parameter in a redirect action, possibly involving interface/redirect.htm.php.
Mdsjack Mjguest 6.7
1 EDB exploit
NA
CVE-2008-3368
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Atutor Atutor 1.3.1
Atutor Atutor 0.9.7
Atutor Atutor 1.3
Atutor Atutor 1.5.2
Atutor Atutor 1.3.2
Atutor Atutor 0.9.6
Atutor Atutor 1.4.3
Atutor Atutor 1.5.3.1
Atutor Atutor 1.0
Atutor Atutor 1.5.1
Atutor Atutor 1.4.2
Atutor Atutor 1.5.3.2
Atutor Atutor 1.5.4
Atutor Atutor 1.5.5
Atutor Atutor 1.6
Atutor Atutor
Atutor Atutor 1.2.1
Atutor Atutor 1.5.3
Atutor Atutor 1.2.2
Atutor Atutor 1.4.1
Atutor Atutor 1.4
Atutor Atutor 1.3.3
1 EDB exploit
NA
CVE-2008-5787
Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter, in conjunction with a show action.
Arabportal Arab Portal 2.1
1 EDB exploit
NA
CVE-2008-6927
Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote malicious users to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (...
Cpanel Cpanel
1 EDB exploit
NA
CVE-2008-2196
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote malicious users to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
Lifetype Lifetype 1.2.8
1 EDB exploit
NA
CVE-2008-0796
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote malicious users to execute arbitrary SQL commands via the ssid parameter.
Nuboard Nuboard 0.5
1 EDB exploit
NA
CVE-2008-0678
SQL injection vulnerability in index.php in BlogPHP 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a page action.
Blogphp Blogphp 2.0
1 EDB exploit
NA
CVE-2008-0679
Cross-site scripting (XSS) vulnerability in index.php in BlogPHP 2.0 allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Blogphp Blogphp 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »