Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4759
Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .BMX file.
Joric Bmxplay 0.4.4b
1 EDB exploit
NA
CVE-2009-4722
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Limny Limny 1.01
1 EDB exploit
NA
CVE-2009-4723
Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Netpet Netpet Cms 1.9
1 EDB exploit
NA
CVE-2009-4726
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Olivier Michaud Pierre-yves Quickdev4php
1 EDB exploit
NA
CVE-2009-4733
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
Supercrackmunkey Simpleloginsys 0.5
1 EDB exploit
NA
CVE-2009-4732
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Technotoad Tt Web Site Manager 0.5
1 EDB exploit
NA
CVE-2009-4209
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
Mozilo Mozilocms 1.11.1
1 EDB exploit
NA
CVE-2009-3714
Cross-site scripting (XSS) vulnerability in admin_login.php in MCshoutbox 1.1 allows remote malicious users to inject arbitrary web script or HTML via the loginerror parameter.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-3716
Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »