Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dr.crash vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4179
Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) page_id parameter to smileys.php and the (2) q parameter to search.php.
Nooms Nooms 1.1
2 EDB exploits
NA
CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote malicious users to execute arbitrary SQL commands via the read parameter in a search action.
Myiosoft Easypublish 3.0
1 EDB exploit
NA
CVE-2008-3345
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a pickup action.
Myiosoft Easye-cards 3.5
Myiosoft Easye-cards 3.10
1 EDB exploit
NA
CVE-2008-3380
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote malicious users to inject arbitrary web script or HTML via the rs parameter.
Myiosoft Easybookmarker 4.0
1 EDB exploit
NA
CVE-2008-3715
Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCMS 2.5 and previous versions, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the PreviousColorsString parameter.
Flexcms Flexcms 2.5
Flexcms Flexcms 2.0
1 EDB exploit
NA
CVE-2007-3198
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions prior to 20070610, allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Maran Php Blog
1 EDB exploit
NA
CVE-2008-3347
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote malicious users to execute arbitrary SQL commands via the read parameter.
Myiosoft Easydynamicpages 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started