Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kenneth belva vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2192
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote malicious users to obtain passwords via a brute force attack.
Alexander Palmo Simple Php Blog 0.4.0
1 EDB exploit
NA
CVE-2005-2787
comment_delete_cgi.php in Simple PHP Blog allows remote malicious users to delete arbitrary files via the comment parameter.
Alexander Palmo Simple Php Blog 0.4.0
1 EDB exploit
NA
CVE-2014-6619
Multiple cross-site scripting (XSS) vulnerabilities in register-exec.php in Restaurant Script (PizzaInn_Project) 1.0.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) fname, (2) lname, or (3) login parameter.
Restaurantmis Restaurant Script 1.0.0
1 EDB exploit
NA
CVE-2014-6618
Cross-site scripting (XSS) vulnerability in Your Online Shop allows remote malicious users to inject arbitrary web script or HTML via the products_id parameter.
Your Online Shop Project Your Online Shop -
NA
CVE-2014-3148
Cross-site scripting (XSS) vulnerability in libahttp/err.c in OkCupid OKWS (OK Web Server) allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to a non-existent page, which is not properly handled in a 404 error page.
Ok Web Server Project Ok Web Server -
NA
CVE-2006-2531
Ipswitch WhatsUp Professional 2006 only verifies the user's identity via HTTP headers, which allows remote malicious users to spoof being a trusted console and bypass authentication by setting HTTP User-Agent header to "Ipswitch/1.0" and the User-Application header...
Ipswitch Whatsup Professional 2006
1 EDB exploit
NA
CVE-2015-2043
Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote malicious users to inject arbitrary web script or HTML via the (1) bt, (2) variable, or (3) et parameter to myspeed/db/historyitem.
Visualware Myconnection Server 8.2b
NA
CVE-2005-2733
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote malicious users to execute arbitrary code.
Alexander Palmo Simple Php Blog 0.4.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started