Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cyber-zone vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2008-5784
V3 Chat - Profiles/Dating Script 3.0.2 allows remote malicious users to bypass authentication and gain administrative access by setting the admin cookie to 1.
V3chat V3 Chat Profiles Dating Script 3.0.2
2 EDB exploits
NA
CVE-2009-3717
Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via a long URI in a playlist (.m3u) file.
Lucvil Patplayer 3.9
1 EDB exploit
NA
CVE-2008-6917
SQL injection vulnerability in admin.php in Exocrew ExoPHPDesk 1.2 Final allows remote malicious users to execute arbitrary SQL commands via the username (user parameter).
Exoscripts Exophpdesk 1.2
1 EDB exploit
NA
CVE-2009-2568
Stack-based buffer overflow in Sorinara Streaming Audio Player (SAP) 0.9 allows remote malicious users to execute arbitrary code via a long string in a playlist (.m3u) file.
Sorinara Streaming Audio Player 0.9
2 EDB exploits
NA
CVE-2009-1746
SQL injection vulnerability in berita.php in Dian Gemilang DGNews 3.0 Beta allows remote malicious users to execute arbitrary SQL commands via the id parameter in a detail action.
Diangemilang Dgnews 3.0 Beta
1 EDB exploit
NA
CVE-2009-1627
Stack-based buffer overflow in Streaming Download Project (SDP) Downloader 2.3.0 allows remote malicious users to execute arbitrary code via a long .asf URL in the HREF attribute of a REF element in a .asx file.
Sdp Multimedia Streaming Download Project 2.3.0
3 EDB exploits
NA
CVE-2009-1609
Unrestricted file upload vulnerability in admin/uploadform.asp in Battle Blog 1.25 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
Battleblog Battle Blog 1.25
1 EDB exploit
NA
CVE-2008-6795
SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote malicious users to execute arbitrary SQL commands via the nID parameter.
Niclor Vibro-school-cms
2 EDB exploits
NA
CVE-2008-6796
SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote malicious users to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field).
Preprojects Pre Real Estate Listings
1 EDB exploit
NA
CVE-2009-1351
Heap-based buffer overflow in Apollo 37zz allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Heikki Ylinen Apollo 37zz
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »