Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
byalbayx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4806
admin/save_user.asp in Digital Interchange Document Library 1.0.1 does not require administrative authentication, which allows remote malicious users to read or modify the administrator's credentials via unspecified vectors. NOTE: some of these details are obtained from thir...
Digitalinterchange Digital Interchange Document Library 1.0.1
1 EDB exploit
NA
CVE-2009-4202
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
Omilenitsolutions Com Omphotogallery 0.5
1 EDB exploit
NA
CVE-2009-3053
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
Jvitals Com Agora 3.0.0b
1 EDB exploit
NA
CVE-2009-2606
ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for NFL.mdb.
Brainjar Asp Football Pool 2.3
1 EDB exploit
NA
CVE-2009-2239
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter...
Joomla Com Casino Videopoker 0.3.1
Joomla Com Casinobase 0.3.1
Joomla Com Casiino Blackjack 0.3.1
1 EDB exploit
NA
CVE-2009-2142
Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store Chat 4.0 and 5.0 allow remote malicious users to execute arbitrary SQL commands via the (1) login and (2) senha parameters.
Zipstore Zip Store Chat 4.0
Zipstore Zip Store Chat 5.0
1 EDB exploit
NA
CVE-2009-2100
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote malicious users to read arbitrary files via directory traversal sequences in the section parameter to index.php.
Joomlapraise Com Projectfork 2.0.10
1 EDB exploit
NA
CVE-2009-2024
Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt.
Vt.rovno Asp Vt Auth 1.0
1 EDB exploit
NA
CVE-2009-2022
fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file and obtain sensitive information via a direct request for _fipsdb/db.mdb.
Fipsasp Fipscms Light 2.1
1 EDB exploit
NA
CVE-2009-1850
SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Benjamin Curtis Phpbugtracker 1.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »