Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote malicious users to bypass authentication and (1) gain administrative privileges by setting the adm cookie to 1 or (2) gain privileges as another user by setting the logged cookie to the target username.
Turnkeyforms Web Hosting Directory -
1 EDB exploit
NA
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote malicious users to execute arbitrary SQL commands via the password field.
Turnkeyforms Web Hosting Directory -
1 EDB exploit
NA
CVE-2008-6963
admin.php in TurnkeyForms Text Link Sales allows remote malicious users to bypass authentication and gain administrative privileges via a direct request.
Turnkeyforms Text Link Sales
1 EDB exploit
NA
CVE-2008-6965
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote malicious users to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mai...
Aj Square Aj Auction Web 2.0
Aj Square Aj Auction 2.0
Aj Square Aj Auction 1.0
Aj Square Aj Auction
1 EDB exploit
NA
CVE-2008-6966
AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass authentication via a direct request to admin/user.php.
Aj Square Aj Auction 1.0
1 EDB exploit
NA
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
NA
CVE-2008-7045
AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2008-7046
AJ Square Free Polling Script (AJPoll) allows remote malicious users to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtain...
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2008-7051
AJ Square AJ Article allows remote malicious users to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php...
Ajsquare Aj Article
1 EDB exploit
NA
CVE-2008-6226
SQL injection vulnerability in moreinfo.php in Pre Projects PHP Auto Listings Script, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the itemno parameter.
Preproject Php Auto Listings Script Nil
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »