Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injector5 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7116
SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote malicious users to execute arbitrary SQL commands via the username.
Webidsupport Webid 0.5.4
1 EDB exploit
NA
CVE-2008-7117
eledicss.php in WeBid auction script 0.5.4 allows remote malicious users to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting (XSS) attacks.
Webidsupport Webid 0.5.4
1 EDB exploit
NA
CVE-2008-7118
WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain SQL query logs via a direct request for logs/cron.log.
Webidsupport Webid 0.5.4
1 EDB exploit
NA
CVE-2008-7080
Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request for admin/backup/datadump.sql.
Phpclassifiedsscript Php Classifieds Script
1 EDB exploit
NA
CVE-2008-7021
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unsp...
Availscript Jobs Portal Script -
1 EDB exploit
NA
CVE-2009-2770
PowerUpload 2.4 allows remote malicious users to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie.
Powerupload Powerupload 2.4
1 EDB exploit
NA
CVE-2009-2567
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Almondsoft Almond Classifieds 5.6.2
1 EDB exploit
NA
CVE-2009-1750
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
Omnisoftsol Vidsharepro
1 EDB exploit
NA
CVE-2009-1736
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php.
Joomla Com Gsticketsystem
1 EDB exploit
NA
CVE-2009-1664
myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote malicious users to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
Easy-scripts Answer And Question Script
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »