Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
piker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6333
SQL injection vulnerability in news.php in RSS Simple News (RSSSN), when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Matthew General Rss Simple News -
1 EDB exploit
NA
CVE-2008-4517
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Geccbblite Geccbblite 2.0
1 EDB exploit
NA
CVE-2008-6018
Directory traversal vulnerability in index.php in MyPHPSite, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the mod parameter.
Myphpsite Myphpsite Nil
1 EDB exploit
NA
CVE-2008-5861
Directory traversal vulnerability in source.php in FreeLyrics 1.0 allows remote malicious users to read arbitrary files via directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information.
Freelyrics Freelyrics 1.0
1 EDB exploit
NA
CVE-2007-1478
download.php in McGallery 0.5b allows remote malicious users to read arbitrary files and obtain script source code via the filename parameter.
Mcgallery Mcgallery 0.5b
1 EDB exploit
NA
CVE-2008-5851
SQL injection vulnerability in index.php in My PHP Baseball Stats (MyPBS) allows remote malicious users to execute arbitrary SQL commands via the seasonID parameter.
Mypbs Mypbs Nil
1 EDB exploit
NA
CVE-2008-4137
PHP remote file inclusion vulnerability in footer.php in PHP-Crawler 0.8 allows remote malicious users to execute arbitrary PHP code via a URL in the footer_file parameter.
Php Crawler Php Crawler
1 EDB exploit
NA
CVE-2008-5732
Unrestricted file upload vulnerability in lib/image_upload.php in KafooeyBlog 1.55b allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file.
Kafooeyblog Kafooeyblog 1.55b
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started