Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aliaksandr hartsuyeu vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1334
Multiple SQL injection vulnerabilities in Maian Weblog 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) entry and (2) email parameters to (a) print.php and (b) mail.php.
Maian Script World Maian Weblog
2 EDB exploits
NA
CVE-2006-1569
Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php.
Redcms Redcms 0.1
2 EDB exploits
NA
CVE-2006-0167
SQL injection vulnerability in MyPhPim 01.05 allows remote malicious users to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page.
Myphpim Myphpim 01.05
2 EDB exploits
NA
CVE-2006-0066
SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote malicious users to execute arbitrary SQL commands via the readold parameter.
Phpjournaler Phpjournaler 1.0
1 EDB exploit
NA
CVE-2006-0160
SQL injection vulnerability in add_post.php3 in Venom Board 1.22 allows remote malicious users to execute arbitrary SQL commands via the (1) parent, (2) root, and (3) topic_id parameters to post.php3.
Venom Board Venom Board 1.22
1 EDB exploit
NA
CVE-2006-0209
SQL injection vulnerability in general_functions.php in TankLogger 2.4 allows remote malicious users to execute arbitrary SQL commands via the (1) livestock_id parameter to showInfo.php and (2) tank_id parameter, possibly to livestock.php.
Tanklogger Tanklogger 2.4
1 EDB exploit
NA
CVE-2006-0312
create.php in aoblogger 2.3 allows remote malicious users to bypass authentication and create new blog entries by setting the uza parameter to 1.
Mike Helton Aoblogger 2.3
1 EDB exploit
NA
CVE-2006-0417
SQL injection vulnerability in login.php in miniBloggie 1.0 and previous versions, when gpc_magic_quotes is disabled, allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.
Mywebland Minibloggie
1 EDB exploit
NA
CVE-2006-1234
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header.
Dsportal Dscounter 1.2
1 EDB exploit
1 Github repository
NA
CVE-2006-1543
Multiple SQL injection vulnerabilities in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) loginvar parameter in (a) admin/admin.php, and the (2) news and (3) nom parameters in (b) news.php.
Vscripts Vnews 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »