Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2009-2784
Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rightslideopen/, (3) menu...
Ditcms Dit.cms 1.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-3158
admin/files.php in simplePHPWeb 0.2 does not require authentication, which allows remote malicious users to perform unspecified administrative actions via unknown vectors. NOTE: some of these details are obtained from third party information.
Carsten Wulff Simplephpweb 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-3217
SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote malicious users to execute arbitrary SQL commands via the member_id parameter in an edit_user action to index.php.
Wiccle Iwiccle 1.01
1 EDB exploit
4.3
CVSSv2
CVE-2008-3923
Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
4.3
CVSSv2
CVE-2008-3925
Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) 1.12 allows remote malicious users to trigger the logout of an administrative user via a logout action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
5
CVSSv2
CVE-2008-4115
TalkBack 2.3.6 allows remote malicious users to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
Talkback Talkback 2.3.6
1 EDB exploit
4.3
CVSSv2
CVE-2008-6906
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote malicious users to inject arbitrary web script or HTML via the username.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
6.8
CVSSv2
CVE-2009-1952
Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Propertymaxpro Propertymax Pro Free 0.3
1 EDB exploit
6.8
CVSSv2
CVE-2009-2154
SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Sappy.dk Impleo Music Collection 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-2382
admin.php in phpMyBlockchecker 1.0.0055 allows remote malicious users to bypass authentication and gain administrative access by setting the PHPMYBCAdmin cookie to LOGGEDIN.
Jay-jayx0r Phpmyblockchecker 1.0.0055
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »