Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
don vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3434
SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php.
Onestopjoomla Com Tupinambis 1.0
1 EDB exploit
NA
CVE-2009-3333
PHP remote file inclusion vulnerability in koesubmit.php in the koeSubmit (com_koesubmit) component 1.0 for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Alibasta Com Koesubmit 1.0
1 EDB exploit
NA
CVE-2008-7042
PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 up to and including 1.11 allows remote malicious users to execute arbitrary PHP code via a URL in the tmp_sid parameter.
Freshscripts Fresh Email Script 1.0
Freshscripts Fresh Email Script 1.11
1 EDB exploit
NA
CVE-2008-7043
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 up to and including 1.11 allows remote malicious users to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session...
Freshscripts Fresh Email Script 1.0
Freshscripts Fresh Email Script 1.11
1 EDB exploit
NA
CVE-2008-3708
Multiple directory traversal vulnerabilities in dotCMS 1.6.0.9 allow remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter to (1) news/index.dot and (2) getting_started/macros/macros_detail.dot.
Dotcms Dotcms 1.6.0.9
1 EDB exploit
NA
CVE-2008-1297
SQL injection vulnerability in index.php in the eWriting (com_ewriting) 1.2.1 module for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the cat parameter in a selectcat action.
Joomla Com Ewriting 1.2.1
Mambo Com Ewriting 1.2.1
Ewriting Ewriting 1.2.1
1 EDB exploit
NA
CVE-2008-0832
SQL injection vulnerability in index.php in the Kemas Antonius com_quran 1.1 and previous versions component for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the surano parameter in a viewayat action.
Joomla Kemas Antonius Com Quran
Mambo Kemas Antonius Com Quran
1 EDB exploit
NA
CVE-2007-6668
admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not require administrative privileges, which allows remote malicious users to perform unrestricted file uploads, as demonstrated by uploading (1) a .php file and (2) a .php%00.jpeg file.
Peergoal Myspace Content Zone
1 EDB exploit
NA
CVE-2007-5373
ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs, which might allow local users to read the password by listing the process and its arguments, as demonstrated by a call to ldappasswd in the _changepassword function.
Ldapscripts Ldapscripts 1.4
Ldapscripts Ldapscripts 1.7
NA
CVE-2007-5218
Cross-site scripting (XSS) vulnerability in index.php in Don Barnes DRBGuestbook 1.1.13 allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Don Barnes Drbguestbook 1.1.13
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »