Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cod3rz vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2130
SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Igaming Cms 1.5
1 EDB exploit
NA
CVE-2008-2192
Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote malicious users to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.
Itcms Itcms 1.9
1 EDB exploit
NA
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote malicious users to change the password of arbitrary users via a direct request.
Phprisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2008-3164
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected.
Fuzzylime Fuzzylime Cms 3.01
1 EDB exploit
NA
CVE-2008-6834
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads parameter to code/newsheads...
Fuzzylime Fuzzylime \\(cms\\) 3.0.1
Fuzzylime Fuzzylime \\(cms\\) 3.0.1a
1 EDB exploit
NA
CVE-2008-6745
index.php in BlogPHP 2.0 allows remote malicious users to gain administrator privileges via a crafted email parameter in a register2 action.
Blogphp Blogphp 2.0
1 EDB exploit
NA
CVE-2008-5105
KarjaSoft Sami FTP Server 2.0.x allows remote malicious users to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands.
Karjasoft Sami Ftp Server 2.0.2
Karjasoft Sami Ftp Server 2.0.0
Karjasoft Sami Ftp Server 2.0.1
1 EDB exploit
NA
CVE-2008-6650
del.php in miniBloggie 1.0 allows remote malicious users to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
Mywebland Minibloggie 1.0
1 EDB exploit
NA
CVE-2008-6652
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the sitename parameter.
Insanevisions Onecms 2.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started