Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-4075
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote malicious users to read arbitrary files via a .. (dot dot) in the topic parameter.
Dino D-iscussion Board 3.01
1 EDB exploit
5
CVSSv2
CVE-2008-4115
TalkBack 2.3.6 allows remote malicious users to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
Talkback Talkback 2.3.6
1 EDB exploit
4.3
CVSSv2
CVE-2008-6906
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote malicious users to inject arbitrary web script or HTML via the username.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
5
CVSSv2
CVE-2009-2151
Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the newlang parameter.
Adaptweb Adaptweb 0.9.2
1 EDB exploit
6.8
CVSSv2
CVE-2009-2154
SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Sappy.dk Impleo Music Collection 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-2382
admin.php in phpMyBlockchecker 1.0.0055 allows remote malicious users to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to LOGGEDIN.
Jay-jayx0r Phpmyblockchecker 1.0.0055
1 EDB exploit
7.5
CVSSv2
CVE-2009-3148
Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) calendar.php, (2) news.php, and (3) links.php; and the (4) assignment_id parameter to assignments.php.
Portalxp Portalxp 1.2
1 EDB exploit
6.5
CVSSv2
CVE-2008-4175
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote malicious users to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
Linkbidscript Linkbidscript 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-1248
Multiple PHP remote file inclusion vulnerabilities in Acute Control Panel 1.0.0 allow remote malicious users to execute arbitrary PHP code via a URL in the theme_directory parameter to (1) container.php and (2) header.php in themes/.
Acutecp Acute Control Panel 1.0.0
1 EDB exploit
10
CVSSv2
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »