cod3rz vulnerabilities and exploits

(subscribe to this query)

NA

SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.

Igaming Cms 1.5

1 EDB exploit

NA

Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote malicious users to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.

Itcms Itcms 1.9

1 EDB exploit

NA

NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote malicious users to change the password of arbitrary users via a direct request.

Phprisk Netrisk 1.9.7

1 EDB exploit

NA

Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected.

Fuzzylime Fuzzylime Cms 3.01

1 EDB exploit

NA

Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads parameter to code/newsheads...

Fuzzylime Fuzzylime \\(cms\\) 3.0.1 Fuzzylime Fuzzylime \\(cms\\) 3.0.1a

1 EDB exploit

NA

index.php in BlogPHP 2.0 allows remote malicious users to gain administrator privileges via a crafted email parameter in a register2 action.

Blogphp Blogphp 2.0

1 EDB exploit

NA

KarjaSoft Sami FTP Server 2.0.x allows remote malicious users to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands.

Karjasoft Sami Ftp Server 2.0.2 Karjasoft Sami Ftp Server 2.0.0 Karjasoft Sami Ftp Server 2.0.1

1 EDB exploit

NA

del.php in miniBloggie 1.0 allows remote malicious users to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.

Mywebland Minibloggie 1.0

1 EDB exploit

NA

SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the sitename parameter.

Insanevisions Onecms 2.5

1 EDB exploit

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook