Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5069
SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Deeserver Panuwat Promoteweb Mysql
1 EDB exploit
NA
CVE-2008-5201
Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC ...
Otmanager Otmanager Cms 24a
1 EDB exploit
NA
CVE-2008-5202
Cross-site scripting (XSS) vulnerability in index.php in OTManager CMS 24a allows remote malicious users to inject arbitrary web script or HTML via the conteudo parameter.
Otmanager Otmanager Cms 24a
1 EDB exploit
NA
CVE-2008-4245
The Admin Control Panel in Rianxosencabos CMS 0.9 does not require administrator privileges, which allows remote authenticated users to (1) change a user's privileges, (2) delete a user account, or perform unspecified other administrative actions via vectors involving an adm...
Rianxosencabos Cms Rianxosencabos Cms 0.9
1 EDB exploit
NA
CVE-2008-4332
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote malicious users to execute arbitrary SQL commands via the idcat parameter to showtopic.php.
Cannot Php Infoboard V.7
1 EDB exploit
NA
CVE-2008-4333
Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote malicious users to inject arbitrary web script or HTML via the isname parameter in a newtopic action.
Cannot Php Infoboard V.7
1 EDB exploit
NA
CVE-2008-3505
Cross-site scripting (XSS) vulnerability in PolyPager 1.0 rc2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the nr parameter to the default URI.
Polypager Polypager 1.0
Polypager Polypager
Polypager Polypager 0.9.4
Polypager Polypager 0.9.51
Polypager Polypager 0.9.8
Polypager Polypager 0.9.9
Polypager Polypager 0.9.6
Polypager Polypager 0.9.7
1 EDB exploit
NA
CVE-2008-3506
SQL injection vulnerability in PolyPager 1.0 rc2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the nr parameter to the default URI.
Polypager Polypager 1.0
Polypager Polypager
Polypager Polypager 0.9.9
Polypager Polypager 0.9.4
Polypager Polypager 0.9.51
Polypager Polypager 0.9.6
Polypager Polypager 0.9.7
Polypager Polypager 0.9.8
1 EDB exploit
NA
CVE-2008-2839
Cross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote malicious users to inject arbitrary web script or HTML via the query parameter to index.php.
Traindepot Traindepot 0.1
1 EDB exploit
NA
CVE-2008-2870
Multiple SQL injection vulnerabilities in ShareCMS 0.1 Beta allow remote malicious users to execute arbitrary SQL commands via the (1) eventID parameter to event_info.php and the (2) userID parameter to list_user.php.
Sharecms Sharecms 0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »