Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zorlu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6931
Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeke...
Phpstore Phpcareers
1 EDB exploit
NA
CVE-2008-7019
Esqlanelapse 2.6.1 and 2.6.2 allows remote malicious users to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies.
Esqlanelapse Esqlanelapse 2.6.1
Esqlanelapse Esqlanelapse 2.6.2
1 EDB exploit
NA
CVE-2008-7071
SQL injection vulnerability in authenticate.php in Chipmunk Topsites allows remote malicious users to execute arbitrary SQL commands via the username parameter, related to login.php. NOTE: some of these details are obtained from third party information.
Chipmunk-scripts Chipmunk Topsites -
1 EDB exploit
NA
CVE-2008-7141
Cross-site scripting (XSS) vulnerability in setup.php in @lex Poll 2.1 allows remote malicious users to inject arbitrary web script or HTML via the language_setup parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party info...
Alexphpteam \\@lex Poll 2.1
1 EDB exploit
NA
CVE-2008-1504
Cross-site scripting (XSS) vulnerability in setup.php3 in phpHeaven phpMyChat 0.14.5 allows remote malicious users to inject arbitrary web script or HTML via the Lang parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party ...
Phpheaven Phpmychat 0.14.5
1 EDB exploit
NA
CVE-2009-1504
Absolute Form Processor XE 1.5 allows remote malicious users to bypass authentication and gain administrative access by setting the xlaAFPadmin cookie to "lvl=1&userid=1."
Xigla Absolute Control Panel Xe 1.5
1 EDB exploit
NA
CVE-2008-6468
SQL injection vulnerability in index.php in Diesel Pay allows remote malicious users to execute arbitrary SQL commands via the area parameter in a browse action.
Dieselscripts Diesel Pay -
1 EDB exploit
NA
CVE-2008-6683
Cross-site scripting (XSS) vulnerability in listtest.php in Apartment Search Script allows remote malicious users to inject arbitrary web script or HTML via the r parameter.
Yourfreeworld Apartment Search Script
1 EDB exploit
NA
CVE-2008-4461
SQL injection vulnerability in advanced_search_results.php in Vastal I-Tech Dating Zone, possibly 0.9.9, allows remote malicious users to execute arbitrary SQL commands via the fage parameter.
Vastal I-tech Dating Zone 0.9.9
1 EDB exploit
NA
CVE-2008-5803
SQL injection vulnerability in admin/login.php in E-topbiz Online Store 1.0 allows remote malicious users to execute arbitrary SQL commands via the user parameter (aka username field). NOTE: some of these details are obtained from third party information.
E-topbiz Online Store 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »