Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
virangar security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0705
SQL injection vulnerability in news.php in PowerScripts PowerNews 2.5.4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
Powerscripts Powernews 2.5.4
1 EDB exploit
NA
CVE-2009-0707
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote malicious users to execute arbitrary SQL commands via the loginemail parameter (aka login field). NOTE: some of these details are obtained from third party information.
Powerscripts Powerclan 1.14a
1 EDB exploit
NA
CVE-2008-5820
SQL injection vulnerability in eDNews_view.php in eDreamers eDNews 2 allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
Edreamers Ednews 2.0
1 EDB exploit
NA
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
NA
CVE-2008-3598
Multiple SQL injection vulnerabilities in psipuss 1.0 allow remote malicious users to execute arbitrary SQL commands via (1) the Cid parameter to categories.php or (2) the Username parameter to login.php.
Psi-labs Psipuss 1.0
1 EDB exploit
NA
CVE-2008-3602
admin/wr_admin.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9.1 allows remote malicious users to bypass authentication and gain administrative access by setting the admin cookie to 1.
Psychdaily Php Ring Webring System 0.9.1
1 EDB exploit
NA
CVE-2008-3564
Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) p, (2) cat, and (3) archive parameters. NOTE: in some environments, this can be leveraged for remote ...
Dayfox Designs Dayfox Blog 4
1 EDB exploit
NA
CVE-2008-3292
constants.inc in EZWebAlbum 1.0 allows remote malicious users to bypass authentication and gain administrator privileges by setting the photoalbumadmin cookie, as demonstrated via addpage.php.
Ezwebalbum Ezwebalbum 1.0
1 EDB exploit
NA
CVE-2008-2906
SQL injection vulnerability in lista_anexos.php in WebChamado 1.1 allows remote malicious users to execute arbitrary SQL commands via the tsk_id parameter.
Webchamado Webchamado 1.1
1 EDB exploit
NA
CVE-2008-2858
SQL injection vulnerability in index.php in WebChamado 1.1 allows remote malicious users to execute arbitrary SQL commands via the eml parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Webchamado Webchamado 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »