Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lionturk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4825
8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for App_Data/sb.mdb.
8pixel Simple Blog 4.0
1 EDB exploit
NA
CVE-2009-4820
Angelo-Emlak 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for veribaze/angelo.mdb.
Aspindir Angelo-emlak 1.0
1 EDB exploit
NA
CVE-2010-1064
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/ajxgaleri.mdb.
Aspindir Erolife Ajxgaleri Vt
1 EDB exploit
NA
CVE-2010-0976
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote malicious users to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final instal...
Acidcat Acidcat Cms 3.5.1
Acidcat Acidcat Cms 3.5.0
Acidcat Acidcat Cms 3.5.3
Acidcat Acidcat Cms 3.5.2
1 EDB exploit
NA
CVE-2010-0978
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/db.mdb.
Kmsoft Guestbook 1.0
1 EDB exploit
NA
CVE-2010-0984
Acidcat CMS 3.5.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for databases/acidcat_3.mdb.
Acidcat Acidcat Cms 3.4.0
Acidcat Acidcat Cms
Acidcat Acidcat Cms 2.1.13
Acidcat Acidcat Cms 2.1.12
Acidcat Acidcat Cms 3.5.2
Acidcat Acidcat Cms 3.5.1
Acidcat Acidcat Cms 3.5.0
Acidcat Acidcat Cms 2.1.11
Acidcat Acidcat Cms 3.3.5
Acidcat Acidcat Cms 3.4.2
Acidcat Acidcat Cms 3.4.1
1 EDB exploit
NA
CVE-2010-0380
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote malicious users to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the ...
Jce-tech Php Calendars Script
1 EDB exploit
NA
CVE-2010-0375
SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote malicious users to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Jce-tech Php Calendars Script
1 EDB exploit
NA
CVE-2010-0376
Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote malicious users to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that...
Jce-tech Php Calendars Script
1 EDB exploit
NA
CVE-2009-4585
UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for database/db.mdb.
Aspindir Uranyumsoft Listing Service
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »