0x90 vulnerabilities and exploits
VMScore: 760
CVE-2007-5752
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote malicious users to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
Agtc Websolutions Php-agtc Membership System 1.1a
2 EDB exploits
VMScore: 755
CVE-2008-6464
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mevin Basic-php-events-lister 1.0
1 EDB exploit
VMScore: 755
CVE-2008-6038
SQL injection vulnerability in index.php in MapCal 0.1 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.
Mapcal Mapcal 0.1
1 EDB exploit
VMScore: 755
CVE-2008-5097
SQL injection vulnerability in index.php in MyFWB 1.0 allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Myfwb Myfwb 1.0
1 EDB exploit
VMScore: 755
CVE-2008-4736
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the showtopic parameter.
Aves Rpg Board 0.8
Aves Rpg Board 0.0.8
Aves Rpg Board
1 EDB exploit
VMScore: 755
CVE-2008-1492
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is a...
Coronamatrix Phpaddressbook 2.11
1 EDB exploit
VMScore: 605
CVE-2007-5918
Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an ar...
Ms Topsites Ms Topsites
1 EDB exploit
VMScore: 435
CVE-2008-4166
Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and previous versions allows remote malicious users to cause a denial of service (application crash) by attempting to URL encode a string containing many instances of an invalid character.
Avantbrowser Avant Browser
1 EDB exploit
NA
CVE-2024-36966
In the Linux kernel, the following vulnerability has been resolved: erofs: reliably distinguish block based and fscache mode When erofs_kill_sb() is called in block dev based mode, s_bdev may not have been initialised yet, and if CONFIG_EROFS_FS_ONDEMAND is enabled, it will be mi...
NA
CVE-2024-36968
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer overflow since hdev->le_mtu may not fall in the valid range. Move MTU from hci_dev...