Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2009-1936
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PH...
Cpcommerce Project Cpcommerce
1 EDB exploit
NA
CVE-2009-2147
SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpwebthings Phpwebthings 1.0
Phpwebthings Phpwebthings 0.3
Phpwebthings Phpwebthings 0.2b
Phpwebthings Phpwebthings 0.2
Phpwebthings Phpwebthings 0.1
Phpwebthings Phpwebthings
Phpwebthings Phpwebthings 1.1a
Phpwebthings Phpwebthings 1.4
Phpwebthings Phpwebthings 0.4.1
Phpwebthings Phpwebthings 0.4
Phpwebthings Phpwebthings 1.4.4
Phpwebthings Phpwebthings 1.5.0
Phpwebthings Phpwebthings 1.5.1
Phpwebthings Phpwebthings 0.4.2
Phpwebthings Phpwebthings 0.6.0
1 EDB exploit
NA
CVE-2009-2176
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.ph...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
NA
CVE-2009-2177
code/display.php in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a ...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
NA
CVE-2009-0372
Unrestricted file upload vulnerability in index.php in Miltenovik Manojlo MemHT Portal 4.0.1 and previous versions allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and an image content type via a users editProfile action...
Memht Memht Portal 3.4.5
Memht Memht Portal 1.5
Memht Memht Portal 2.5
Memht Memht Portal 3.4
Memht Memht Portal 3.0
Memht Memht Portal 3.8.5
Memht Memht Portal 3.3
Memht Memht Portal 3.8.1
Memht Memht Portal 3.8.0
Memht Memht Portal 2.9
Memht Memht Portal 3.1
Memht Memht Portal 3.6.0
Memht Memht Portal
Memht Memht Portal 1.0
Memht Memht Portal 3.7.5
Memht Memht Portal 3.7.0
Memht Memht Portal 3.6.5
Memht Memht Portal 3.5.0
Memht Memht Portal 2.0
Memht Memht Portal 3.2
Memht Memht Portal 3.9.0
1 EDB exploit
NA
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and previous versions, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the hide parameter, a different vector than...
E107 E107 0.7.11
E107 E107 0.7.13
E107 E107 0.553 Beta
E107 E107 0.549 Beta
E107 E107 0.551 Beta
E107 E107 0.6 12
E107 E107 0.6 11
E107 E107 0.603
E107 E107 0.602
E107 E107 0.609
E107 E107 0.610
E107 E107 0.616
E107 E107 0.617
E107 E107 0.7
E107 E107 0.7.3
E107 E107 5.05
E107 E107 5.04
E107 E107 5.3 Beta2
E107 E107 5.4 Beta1
E107 E107 0.7.10
E107 E107 0.554
E107 E107 0.6 15a
1 EDB exploit
NA
CVE-2009-1259
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.
Insanevisions Adaptbb 1.0
1 EDB exploit
NA
CVE-2009-4106
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and previous versions allows remote malicious users to inject and execute arbitrary PHP code via the filename and text parameters.
Ohloh Agoko Cms
1 EDB exploit
NA
CVE-2009-0592
Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4...
Pnphpbb Pnphpbb2 1.2h
Pnphpbb Pnphpbb2 1.1a
Pnphpbb Pnphpbb2 1.1
Pnphpbb Pnphpbb2 1.2e
Pnphpbb Pnphpbb2 1.2d
Pnphpbb Pnphpbb2 1.2a
Pnphpbb Pnphpbb2 1.2
Pnphpbb Pnphpbb2 1.2g
Pnphpbb Pnphpbb2 1.2f
Pnphpbb Pnphpbb2 1.0
Pnphpbb Pnphpbb2
1 EDB exploit
NA
CVE-2009-0728
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Maxdev My Egallery -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »