Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5201
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC ...
Otmanager Otmanager Cms 24a
1 EDB exploit
NA
CVE-2008-5202
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote malicious users to inject arbitrary web script or HTML via the conteudo parameter.
Otmanager Otmanager Cms 24a
1 EDB exploit
NA
CVE-2008-5267
SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the question_id parameter.
Experts Experts 1.0.0
1 EDB exploit
NA
CVE-2008-5271
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote malicious users to inject arbitrary web script or HTML via the section parameter.
Syndeocms Syndeocms 2.6.0
1 EDB exploit
NA
CVE-2008-5265
Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the modulo parameter.
Tntforum Tnt Forum 0.9.4
1 EDB exploit
NA
CVE-2008-5272
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, re...
Syndeocms Syndeocms 2.6.0
1 EDB exploit
NA
CVE-2008-3505
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the nr parameter to the default URI.
Polypager Polypager 1.0
Polypager Polypager
Polypager Polypager 0.9.4
Polypager Polypager 0.9.51
Polypager Polypager 0.9.8
Polypager Polypager 0.9.9
Polypager Polypager 0.9.6
Polypager Polypager 0.9.7
1 EDB exploit
NA
CVE-2008-3506
SQL injection vulnerability in PolyPager 1.0 rc2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the nr parameter to the default URI.
Polypager Polypager 1.0
Polypager Polypager
Polypager Polypager 0.9.9
Polypager Polypager 0.9.4
Polypager Polypager 0.9.51
Polypager Polypager 0.9.6
Polypager Polypager 0.9.7
Polypager Polypager 0.9.8
1 EDB exploit
NA
CVE-2008-4713
SQL injection vulnerability in view.php in 212cafe Board 0.07 allows remote malicious users to execute arbitrary SQL commands via the qID parameter.
212cafe 212cafeboard 0.07
1 EDB exploit
NA
CVE-2008-2046
Cross-site scripting (XSS) vulnerability in index.php in Softpedia SiteXS CMS 0.1.1 Pre-Alpha allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
Softpedia Sitexs Cms 0.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »