Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blackhawk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2002
InoutMailingListManager 3.1 and previous versions allows remote malicious users to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie.
Inoutmailinglistmanager Inoutmailinglistmanager
1 EDB exploit
NA
CVE-2007-2003
InoutMailingListManager 3.1 and previous versions sends a Location redirect header but does not exit after an authorization check fails, which allows remote malicious users to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redi...
Inoutmailinglistmanager Inoutmailinglistmanager
1 EDB exploit
NA
CVE-2007-2004
Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors.
Inoutmailinglistmanager Inoutmailinglistmanager
1 EDB exploit
NA
CVE-2006-6785
The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and previous versions do not exit when authentication fails, which allows remote malicious users to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulne...
Open Newsletter Open Newsletter 2.0
Open Newsletter Open Newsletter
1 EDB exploit
NA
CVE-2006-6786
Open Newsletter 2.5 and previous versions allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php.
Open Newsletter Open Newsletter
Open Newsletter Open Newsletter 2.0
1 EDB exploit
NA
CVE-2009-1226
core/admin/delete.php in Podcast Generator 1.1 and previous versions does not properly restrict access to administrative functions, which allows remote malicious users to delete arbitrary files via the file parameter.
Podcast Generator Podcast Generator 1.0
Podcast Generator Podcast Generator 1.0 Beta
Podcast Generator Podcast Generator 0.96
Podcast Generator Podcast Generator 0.8
Podcast Generator Podcast Generator 0.6
Podcast Generator Podcast Generator 1.0 Beta3
Podcast Generator Podcast Generator 1.0 Beta2
Podcast Generator Podcast Generator 0.9
Podcast Generator Podcast Generator 0.81
Podcast Generator Podcast Generator 0.96.2
Podcast Generator Podcast Generator
Podcast Generator Podcast Generator 0.95
Podcast Generator Podcast Generator 0.94
Podcast Generator Podcast Generator 1.0 Beta4a
Podcast Generator Podcast Generator 1.0 Beta4
Podcast Generator Podcast Generator 0.93
Podcast Generator Podcast Generator 0.92
Podcast Generator Podcast Generator 0.91
1 EDB exploit
NA
CVE-2007-2371
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and previous versions provides access to configuration modification before login, which allows remote malicious users to cause a denial of service (loss of configuration data), and possibly perform direct static code ...
Gregory Kokanosky Phpmynewsletter
1 EDB exploit
NA
CVE-2006-7116
SQL injection vulnerability in includes/functions.php in Kubix 0.7 and previous versions allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the member_id parameter ($id variable) to index.php.
Kubix Kubix
1 EDB exploit
NA
CVE-2007-2372
admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and previous versions prints a Location header but does not exit when administrative credentials are missing, which allows remote malicious users to compose an e-mail message via a post with the subject, message, f...
Gregory Kokanosky Phpmynewsletter
1 EDB exploit
NA
CVE-2006-7117
Multiple directory traversal vulnerabilities in Kubix 0.7 and previous versions allow remote malicious users to (1) include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and (2)...
Kubix Kubix
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »