Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2018
SQL injection vulnerability in admin/index.php in Jared Eckersley MyCars, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the authuserid parameter.
Jaredeckersley Mycars
1 EDB exploit
NA
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
NA
CVE-2009-0739
SQL injection vulnerability in login.php in MyNews 0.10 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Mynews 0.10
1 EDB exploit
NA
CVE-2008-5654
SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote malicious users to execute arbitrary SQL commands via the rsargs parameter, as reachable through the username parameter, a different vector than CVE-2008-1344. NOTE: some ...
Myiosoft Easycalendar 4.0
1 EDB exploit
NA
CVE-2009-2340
SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote malicious users to execute arbitrary SQL commands via the txtUserName (aka User Name) parameter. NOTE: some of these details are obtained from third party information.
Opial Opial 1.0
1 EDB exploit
NA
CVE-2006-0153
427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote malicious users to bypass authentication by using a valid username and usertype and setting the authenticated cookie.
427bb Fourtwosevenbb 2.2
427bb Fourtwosevenbb 2.2.1
1 EDB exploit
NA
CVE-2009-1314
body.asp in Web File Explorer 3.1 allows remote malicious users to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension.
Webfileexplorer Web File Explorer 3.1
1 EDB exploit
NA
CVE-2008-5633
SQL injection vulnerability in register.asp in ActiveVotes 2.2 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, possibly related to start.asp. NOTE: some of these details are obtained from third party information.
Activewebsoftwares Activevotes 2.2
1 EDB exploit
NA
CVE-2008-5817
Multiple SQL injection vulnerabilities in index.php in Web Scribble Solutions webClassifieds 2005 allow remote malicious users to execute arbitrary SQL commands via the (1) user and (2) password fields in a sign_in action.
Web Scribble Solutions Webclassifieds 2005
1 EDB exploit
9.1
CVSSv3
CVE-2018-15152
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR prior to 5.0.1.4 allows a remote malicious user to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php...
Open-emr Openemr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »