Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third p...
Anoochit Chalothorn Tiny Blogr 1.0.0
1 EDB exploit
NA
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
NA
CVE-2009-1222
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter.
Webedition Webedition 6.0.0.4
1 EDB exploit
NA
CVE-2009-0730
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, ...
Gigcalendar Com Gigcalendar 1.0
2 EDB exploits
NA
CVE-2008-6242
SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote malicious users to execute arbitrary SQL commands via the where parameter.
Scripts-for-sites Ez E-store -
2 EDB exploits
NA
CVE-2009-0409
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Mzbservices Max.blog 1.0.6
1 EDB exploit
NA
CVE-2008-5751
SQL injection vulnerability in index.php in AlstraSoft Web Email Script Enterprise (ESE) allows remote malicious users to execute arbitrary SQL commands via the id parameter in a directory action.
Alstrasoft Web Email Script Enterprise Nil
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4