Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2838
Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the module parameter.
Traindepot Traindepot 0.1
1 EDB exploit
NA
CVE-2008-2855
Cross-site scripting (XSS) vulnerability in clanek.php in OwnRS Beta 3 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Ownrs Ownrs Beta 3
1 EDB exploit
NA
CVE-2008-2856
SQL injection vulnerability in clanek.php in OwnRS Beta 3 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ownrs Ownrs Beta 3
1 EDB exploit
NA
CVE-2008-2870
Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote malicious users to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
Sharecms Sharecms 0.1
1 EDB exploit
NA
CVE-2008-2897
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Pagesquid Pagesquid Cms 0.3
1 EDB exploit
NA
CVE-2008-2901
Multiple SQL injection vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 allow remote authenticated users to execute arbitrary SQL commands via the (1) address parameter to addressbook.php, the (2) getnews parameter to familynews.php, and the (3) poll_id parameter...
Haudenschilt Family Connections Cms 1.4
1 EDB exploit
NA
CVE-2008-2913
Directory traversal vulnerability in func.php in Devalcms 1.4a, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the currentpath parameter, in conjunction with certain ... (triple dot) and ..... se...
Devalcms Devalcms 1.4a
1 EDB exploit
NA
CVE-2008-2962
Multiple cross-site scripting (XSS) vulnerabilities in MyBlog allow remote malicious users to inject arbitrary web script or HTML via the (1) s and (2) sort parameters to index.php, and the (3) id parameter to post.php.
Myblog Myblog
1 EDB exploit
NA
CVE-2008-2965
Cross-site scripting (XSS) vulnerability in viewforum.php in JaxUltraBB (JUBB) 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the forum parameter.
Jaxbot Jaxultrabb
1 EDB exploit
NA
CVE-2008-2966
Directory traversal vulnerability in viewprofile.php in JaxUltraBB 2.0 and previous versions allows remote malicious users to read arbitrary local files via a .. (dot dot) in the user parameter. party information.
Jaxultrabb Jaxultrabb
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »