Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-1368
Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1369
moziloCMS 1.11 allows remote malicious users to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1406
Directory traversal vulnerability in cms_detect.php in TotalCalendar 2.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the include parameter.
Sweetphp Totalcalendar 2.4
1 EDB exploit
NA
CVE-2009-1319
Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php.
Guestcal Guest Cal 2.1
1 EDB exploit
NA
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
NA
CVE-2009-1367
Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in search action, a different issue than CVE-2008-6127.2a.
Mozilo Mozilocms 1.11
1 EDB exploit
NA
CVE-2009-1404
SQL injection vulnerability in admin.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the user (Username) parameter.
Pastel Pastelcms 0.8.0
1 EDB exploit
NA
CVE-2009-1405
Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the set_lng parameter.
Pastel Pastelcms 0.8.0
1 EDB exploit
NA
CVE-2009-1486
Directory traversal vulnerability in pmscript.php in Flatchat 3.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the with parameter.
Ninjadesigns Flatchat 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »