Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
NA
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
NA
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
NA
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
NA
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
NA
CVE-2006-6349
Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote malicious users to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the search engine.
Pwp Technologies The Classified Ad System
1 EDB exploit
NA
CVE-2006-6380
Cross-site scripting (XSS) vulnerability in index.asp in Ultimate HelpDesk allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter.
Ultimate Helpdesk Ultimate Helpdesk
1 EDB exploit
NA
CVE-2007-1616
SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the recid parameter.
Scriptmagix Scriptmagix Lyrics
1 EDB exploit
NA
CVE-2007-1617
SQL injection vulnerability in index.php in ScriptMagix Recipes 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Recipes
1 EDB exploit
NA
CVE-2007-1618
SQL injection vulnerability in index.php in ScriptMagix FAQ Builder 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Faq Builder
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »