Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g00db0y vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-0302
Directory traversal vulnerability in OWLS 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the (1) file parameter in index.php, (2) editfile in glossary.php, or (3) editfile in newmultiplechoice.php.
Fools Workshop Owls Workshop 1.0
3 EDB exploits
NA
CVE-2004-0303
OWLS 1.0 allows remote malicious users to retrieve arbitrary files via absolute pathnames in (1) the file parameter in /glossaries/index.php, (2) the filename parameter in /readings/index.php, or (3) the filename parameter in /multiplechoice/resultsignore.php, as demonstrated usi...
3 EDB exploits
NA
CVE-2004-2175
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote malicious users to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php.
All Enthusiast Inc Reviewpost Php Pro 2.5
All Enthusiast Inc Reviewpost Php Pro 2.5.1
2 EDB exploits
NA
CVE-2004-0293
Directory traversal vulnerability in ShopCartCGI 2.3 allows remote malicious users to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.
Shopcartcgi Shopcartcgi 2.3
2 EDB exploits
NA
CVE-2003-1088
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote malicious users to inject arbitrary web script or HTML via the method parameter.
Phpoutsourcing Zorum 3.2
Phpoutsourcing Zorum 3.3
Phpoutsourcing Zorum 3.4
Phpoutsourcing Zorum 3.0
Phpoutsourcing Zorum 3.1
Phpoutsourcing Zorum 3.5
1 EDB exploit
NA
CVE-2003-0557
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote malicious users to obtain sensitive user information via SQL statements in the password field.
Lagarde Storefront
1 EDB exploit
NA
CVE-2004-0275
SQL injection vulnerability in calendar_download.php in BosDates 3.2 and previous versions allows remote malicious users to obtain sensitive information and gain access via the calendar parameter.
Bosdev Bosdates 3.0
Bosdev Bosdates 3.1
Bosdev Bosdates 3.2
1 EDB exploit
NA
CVE-2004-0300
SQL injection vulnerability in Online Store Kit 3.0 allows remote malicious users to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id p...
Ecommerce Corporation Online Store Kit 3.0 Lite
Ecommerce Corporation Online Store Kit 3.0 Pro
Ecommerce Corporation Online Store Kit 3.0 Standard
4 EDB exploits
NA
CVE-2004-0327
Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote malicious users to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.
Skintech Phpnewsmanager 1.36
4 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started