Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securitylab.ir vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4665
Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Cutesoft Components Cute Editor For Asp.net
1 EDB exploit
NA
CVE-2009-1446
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of...
Elkagroup Image Gallery 1.0
1 EDB exploit
NA
CVE-2009-1622
SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote malicious users to execute arbitrary SQL commands via the order_sn parameter in an order_query action.
Ecshop Ecshop 2.5.0
1 EDB exploit
NA
CVE-2009-4470
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the groupboardid parameter.
Dvbbs Dvbbs 2.0
1 EDB exploit
NA
CVE-2009-1764
SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a digg action.
Bokecc Maxcms 2.0
1 EDB exploit
NA
CVE-2009-2557
Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the fichier parameter.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-2558
system/message.php in Admin News Tools 2.5 does not properly restrict access, which allows remote malicious users to post news messages via a direct request.
Adminnewstools Admin News Tools 2.5
1 EDB exploit
NA
CVE-2009-1818
SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via an m_username cookie in an add action.
Maxcms Maxcms 2.0
1 EDB exploit
NA
CVE-2009-3124
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote malicious users to read arbitrary files via a .. (dot dot) in the tf parameter.
Ipmotor Quarkmail -
1 EDB exploit
NA
CVE-2009-3173
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Theratstudios The Rat Cms 2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »