Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nbbn vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7222
Cross-site scripting (XSS) vulnerability in system/admin.php in RunCMS 1.6.1 allows remote malicious users to inject arbitrary web script or HTML via the rank_title parameter in a RankForumAdd action.
Runcms Runcms 1.6.1
1 EDB exploit
NA
CVE-2008-0439
Cross-site scripting (XSS) vulnerability in templates/default/admincp/attachments_header.php in DeluxeBB 1.1 allows remote malicious users to inject arbitrary web script or HTML via the lang_listofmatches parameter.
Deluxebb Deluxebb 1.1
1 EDB exploit
NA
CVE-2008-0574
Cross-site scripting (XSS) vulnerability in index.php in webSPELL 4.01.02 allows remote malicious users to inject arbitrary web script or HTML via the sort parameter in a whoisonline action.
Webspell Webspell 4.01.02
1 EDB exploit
NA
CVE-2008-0616
SQL injection vulnerability in the administration panel in the DMSGuestbook 1.7.0 plugin for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
Dmsguestbook Project Dmsguestbook 1.7.0
1 EDB exploit
NA
CVE-2008-0691
Multiple cross-site scripting (XSS) vulnerabilities in admin_panel.php in the Simon Elvery WP-Footnotes 2.2 plugin for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) wp_footnotes_current_settings[priority], (2) wp_footnotes_current_setti...
Wordpress Wp-footnotes 2.2
Simon Elvery Wp-footnotes 2.2
1 EDB exploit
NA
CVE-2008-1059
PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via a URL in the libpath parameter.
Wordpress Sniplets Plugin 1.1.2
Wordpress Sniplets Plugin 1.2.2
1 EDB exploit
NA
CVE-2008-0857
SQL injection vulnerability in index.php in WoltLab Burning Board 3.0.3 PL 1 allows remote malicious users to execute arbitrary SQL commands via the sortOrder parameter to the PMList page.
Woltlab Burning Board 3.0.3 Pl1
1 EDB exploit
NA
CVE-2008-1060
Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote malicious users to execute arbitrary PHP code via the text parameter.
Wordpress Sniplets Plugin 1.2.2
Wordpress Sniplets Plugin 1.1.2
1 EDB exploit
NA
CVE-2008-1061
Multiple cross-site scripting (XSS) vulnerabilities in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) text parameter to (a) warning.php, (b) notice.php, and (c) inset.php in view/sniplets/, and pos...
Wordpress Sniplets Plugin 1.1.2
Wordpress Sniplets Plugin 1.2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started