Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3859
Davlin Thickbox Gallery 2 allows remote malicious users to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.
Davlin Thickbox Gallery 2
1 EDB exploit
NA
CVE-2008-3926
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the...
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2009-3506
Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote malicious users to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name parameter to modules.php.
Jean-michel Wyttenbach Cmsphp 0.21
1 EDB exploit
NA
CVE-2009-3507
Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter.
Jean-michel Wyttenbach Cmsphp 0.21
1 EDB exploit
NA
CVE-2009-3508
Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) _class parameter to admin.php and the (2) url parameter to install/install.php; and allow remote authenticated...
Fcgphilipp Mujecms 1.0.4.34
1 EDB exploit
NA
CVE-2008-6906
Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote malicious users to inject arbitrary web script or HTML via the username.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
NA
CVE-2008-7006
Free PHP VX Guestbook 1.06 allows remote malicious users to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.
Phpversion Php Vx Guestbook 1.06
1 EDB exploit
NA
CVE-2008-3923
Multiple cross-site scripting (XSS) vulnerabilities in statistics.php in Content Management Made Easy (CMME) 1.12 allow remote malicious users to inject arbitrary web script or HTML via the (1) page and (2) year parameters in an hstat_year action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-3924
The "Make a backup" functionality in Content Management Made Easy (CMME) 1.12 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover (1) account names and (2) password hashes via a direct request...
Hans Oesterholt Cmme 1.12
1 EDB exploit
NA
CVE-2008-3925
Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) 1.12 allows remote malicious users to trigger the logout of an administrative user via a logout action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »