Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4985
Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote malicious users to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text parameter in adminpanel/...
Grayscale Bandsite Cms 1.1
22 EDB exploits
NA
CVE-2006-5108
Multiple cross-site scripting (XSS) vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to inject arbitrary web script or HTML via the order_id parameter in (1) admin/print_order.php and (2) view_order.php; the (3) site_url and (4) la_search_home parameters a...
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
6 EDB exploits
NA
CVE-2006-4874
Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS allow remote malicious users to inject arbitrary web script or HTML via the (1) language[Admin name] and (2) language[Admin back] parameters in (a) modules/blocks.php; the (3) language[Register title] and (4) lang...
Jupiter Cms Jupiter Cms
4 EDB exploits
NA
CVE-2006-5107
Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, an...
Devellion Cubecart 2.0.4
Devellion Cubecart 2.0.5
Devellion Cubecart 2.0.2
Devellion Cubecart 2.0.3
Devellion Cubecart 2.0.6
Devellion Cubecart 2.0.0
Devellion Cubecart 2.0.1
4 EDB exploits
NA
CVE-2005-3682
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote malicious users to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
Wizz Forum Wizz Forum 1.20
3 EDB exploits
NA
CVE-2006-4838
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) root_url and (2) dcp_version parameters in (a) admin/inc/footer.inc.php, and the root_url, (3) page_top_name, (4) page_name, an...
Codeworx Technologies Dcp-portal Se 6.0
2 EDB exploits
NA
CVE-2007-1142
Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php.
Reamday Enterprises Magic News Plus 1.0.2
2 EDB exploits
NA
CVE-2006-4751
Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the errcode parameter.
Laurentiu Matei Expandable Home Page Cms 0.5.1
1 EDB exploit
NA
CVE-2006-4836
SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already...
Codeworx Technologies Dcp-portal Se 6.0
1 EDB exploit
NA
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »