Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

yenh4cker vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2009-1584
Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m par...
R020 Tematres 1.031R020 Tematres 1.0.3
NA
CVE-2009-2164
Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php.
Kjtechforce Mailman Beta1
NA
CVE-2009-1613
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
Gowondesigns Leap 0.1.4
NA
CVE-2009-2598
Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and previous versions allow (1) remote malicious users to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary...
Onlinegrades Online Grades 3.2.6
NA
CVE-2009-1778
SQL injection vulnerability in the new user registration feature in BigACE CMS 2.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Bigace Bigace Cms 2.5
NA
CVE-2009-1799
Multiple SQL injection vulnerabilities in the getGalleryImage function in st_admin/gallery_output.php in ST-Gallery 0.1 alpha, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) gallery_category or (2) gallery_show parame...
Sebastian-thiele St-gallery 0.1 Alpha
NA
CVE-2009-1811
Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote malicious users to inject arbitrary web script or HTML via (1) the Page parameter in a List action to modules/ereignis.php, (2) the Kontext parameter in a Search action to modules/katego...
Collector Mygesuad 0.9.14
NA
CVE-2009-1408
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote malicious users to inject arbitrary web script or HTML allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated u...
Webspell Webspell 4.2.0c
NA
CVE-2009-1489
includes/user.php in Fungamez RC1 allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie parameter.
Rens Rikkerink Fungamez -
NA
CVE-2009-1583
Multiple cross-site scripting (XSS) vulnerabilities in TemaTres 1.0.3 and 1.031 allow remote malicious users to inject arbitrary web script or HTML via the (1) search form; (2) _expresion_de_busqueda, (3) letra, (4) estado_id, and (5) tema parameters to index.php; the (6) PATH_IN...
R020 Tematres 1.031R020 Tematres 1.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook