Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crux vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4483
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the theme parameter.
Crux Software Gallery 1.31
Crux Software Gallery 1.30
Crux Software Gallery 1.0
Crux Software Gallery 1.2
Crux Software Gallery 1.1
Crux Software Gallery
Crux Software Gallery 1.32
1 EDB exploit
NA
CVE-2008-4484
main.php in Crux Gallery 1.32 and previous versions allows remote malicious users to gain administrative access by setting the name parameter to "users," as demonstrated via index.php.
Crux Software Gallery 1.31
Crux Software Gallery 1.30
Crux Software Gallery 1.2
Crux Software Gallery 1.1
Crux Software Gallery 1.0
Crux Software Gallery
Crux Software Gallery 1.32
1 EDB exploit
NA
CVE-2008-0700
Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote malicious users to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Crux Software Cruxcms 3.0
1 EDB exploit
9.8
CVSSv3
CVE-2020-29389
The official Crux Linux Docker images 3.0 up to and including 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an malicious user to achieve root access with a blank password.
Docker Crux Linux Docker Image
NA
CVE-2010-1091
Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote malicious users to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters.
Phpmysite Phpmysite
1 EDB exploit
NA
CVE-2010-1092
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote malicious users to execute arbitrary SQL commands via the (1) us and (2) ps parameters.
Scriptsfeed Business Directory Software
1 EDB exploit
NA
CVE-2010-1090
SQL injection vulnerability in index.php in phpMySite allows remote malicious users to execute arbitrary SQL commands via the action parameter.
Phpmysite Phpmysite
1 EDB exploit
NA
CVE-2010-1361
Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING_AUFRUF.php in PHPepperShop 2.5 allows remote malicious users to inject arbitrary web script or HTML via the darstellen parameter.
Glarotech Phpeppershop 2.5
1 EDB exploit
NA
CVE-2010-1369
SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote malicious users to execute arbitrary SQL commands via the email parameter.
Preprojects Pre Classified Listings Asp
1 EDB exploit
NA
CVE-2010-0321
Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Job Board 3.0 allows remote malicious users to inject arbitrary web script or HTML via the post_id parameter.
Jamit Jamit Job Board 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started