Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
book vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-2017
SQL injection vulnerability in products.php in Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Virtuenetz Virtue Book Store
1 EDB exploit
685
VMScore
CVE-2009-1483
Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct reque...
Studiolounge Address Book 2.5
1 EDB exploit
755
VMScore
CVE-2006-1374
SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and previous versions allows remote malicious users to execute arbitrary SQL commands via the transactions_offset parameter.
Brain Book Software Adman
1 EDB exploit
445
VMScore
CVE-2006-1375
AdMan 1.0.20051221 and previous versions allows remote malicious users to obtain the full path via (1) a blank campaignId parameter to editCampaign.php and (2) a blank schemeId parameter to viewPricingScheme.php.
Brain Book Software Adman
383
VMScore
CVE-2006-1398
Cross-site scripting (XSS) vulnerability in guestbook.php in G-Book 1.0 allows remote malicious users to inject arbitrary web script or HTML via the g_message parameter.
Sixal G-book 1.0
668
VMScore
CVE-2010-4923
SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote malicious users to execute arbitrary SQL commands via the bid parameter.
Virtuenetz Virtue Book Store
685
VMScore
CVE-2007-1937
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the config parameter.
Dreamcodes Scorp Book 1.0
1 EDB exploit
755
VMScore
CVE-2007-2000
Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter.
Raphael Limbach Crea-book
1 EDB exploit
605
VMScore
CVE-2006-3900
Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Tobias Kloy Tp-book
668
VMScore
CVE-2001-1114
book.cgi in NetCode NC Book 0.2b allows remote malicious users to execute arbitrary commands via shell metacharacters in the "current" parameter.
Netcode Nc Book 0.2b
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »