Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cwh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2695
Directory traversal vulnerability in entry.php in phpInv 0.8.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Phpinv Phpinv 0.8.0
1 EDB exploit
NA
CVE-2008-5267
SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the question_id parameter.
Experts Experts 1.0.0
1 EDB exploit
NA
CVE-2008-5272
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, re...
Syndeocms Syndeocms 2.6.0
1 EDB exploit
NA
CVE-2008-2458
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the st parameter.
4shared Starsgames Control Panel
1 EDB exploit
NA
CVE-2008-2770
SQL injection vulnerability in index.php in MycroCMS 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the entry_id parameter.
Mycrocms Mycrocms 0.5
1 EDB exploit
NA
CVE-2008-2813
Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Shoutcastadmin Wallcity-server Shoutcast Admin Panel 2.0
1 EDB exploit
NA
CVE-2008-2838
Directory traversal vulnerability in index.php in Traindepot 0.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in the module parameter.
Traindepot Traindepot 0.1
1 EDB exploit
NA
CVE-2008-2839
Cross-site scripting (XSS) vulnerability in the search module in Traindepot 0.1 allows remote malicious users to inject arbitrary web script or HTML via the query parameter to index.php.
Traindepot Traindepot 0.1
1 EDB exploit
NA
CVE-2008-2897
SQL injection vulnerability in index.php in PageSquid CMS 0.3 Beta allows remote malicious users to execute arbitrary SQL commands via the page parameter.
Pagesquid Pagesquid Cms 0.3
1 EDB exploit
NA
CVE-2008-3133
SQL injection vulnerability in admin/index.php in BareNuked CMS 1.1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Barenuked Barenuked Cms 1.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »