Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
0x90 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6464
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mevin Basic-php-events-lister 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6038
SQL injection vulnerability in index.php in MapCal 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.
Mapcal Mapcal 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-5097
SQL injection vulnerability in index.php in MyFWB 1.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myfwb Myfwb 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-4736
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the showtopic parameter.
Aves Rpg Board 0.8
Aves Rpg Board 0.0.8
Aves Rpg Board
1 EDB exploit
7.5
CVSSv2
CVE-2008-1492
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is a...
Coronamatrix Phpaddressbook 2.11
1 EDB exploit
7.5
CVSSv2
CVE-2007-5752
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote malicious users to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
Agtc Websolutions Php-agtc Membership System 1.1a
2 EDB exploits
6
CVSSv2
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
4.3
CVSSv2
CVE-2008-4166
Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and previous versions allows remote malicious users to cause a denial of service (application crash) by attempting to URL encode a string containing many instances of an invalid character.
Avantbrowser Avant Browser
1 EDB exploit
NA
CVE-2024-36884
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() This was missed because of the function pointer indirection. nvidia_smmu_context_fault() is also installed as a irq function, and the 'void...
NA
CVE-2024-36885
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() Currently, enabling SG_DEBUG in the kernel will cause nouveau to hit a BUG() on startup: kernel BUG at include/linux/scatterlist.h:187! invalid o...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »