Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knockout vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3608
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
NA
CVE-2009-2117
uye_paneli.php in phPortal 1.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the kulladi cookie to a valid username.
Phportal Phportal 1.0
1 EDB exploit
NA
CVE-2008-6802
Multiple SQL injection vulnerabilities in index.php in phPhotoGallery 0.92 allow remote malicious users to execute arbitrary SQL commands via the (1) Username and (2) Password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third ...
Phpexplorer Phphotogallery 0.92
1 EDB exploit
NA
CVE-2008-6516
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote malicious users to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of thi...
Phpkf Phpkf-portal 1.0
2 EDB exploits
NA
CVE-2008-2873
sHibby sHop 2.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request to Db/urun.mdb.
Aspindir Shibby Shop
1 EDB exploit
NA
CVE-2008-2882
upgrade.asp in sHibby sHop 2.2 and previous versions does not require administrative authentication, which allows remote malicious users to update a file or have unspecified other impact via a direct request.
Aspindir Shibby Shop
1 EDB exploit
NA
CVE-2008-2872
SQL injection vulnerability in default.asp in sHibby sHop 2.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the sayfa parameter.
Aspindir Shibby Shop
1 EDB exploit
NA
CVE-2008-2634
SQL injection vulnerability in index.asp in I-Pos Internet Pay Online Store 1.3 Beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the item parameter.
Bearrivernet.net I-pos Internet Pay Online Store 1.1
Bearrivernet.net I-pos Internet Pay Online Store
1 EDB exploit
NA
CVE-2008-1962
Multiple directory traversal vulnerabilities in Aterr 0.9.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) class parameter to include/functions.inc.php and the (2) file parameter to include/common.inc.php.
Chimaera Aterr 0.9.1
1 EDB exploit
NA
CVE-2008-1493
Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Cuteflow-bin Cuteflow Bin 1.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »