Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
NA
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
NA
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
NA
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
NA
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
NA
CVE-2009-0426
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Classified Listings Manager 1.1
1 EDB exploit
NA
CVE-2007-0765
SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and previous versions allows remote malicious users to execute arbitrary SQL commands via the c_id parameter.
Db Masters Multimedia Curium Cms
1 EDB exploit
NA
CVE-2007-0786
SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Noname Media Photo Galerie Standard 1.1
Noname Media Photo Galerie Standard
1 EDB exploit
NA
CVE-2007-0824
PHP remote file inclusion vulnerability in inhalt.php in LightRO CMS 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the dateien[news] parameter.
Lightro Lightro Cms 1 Beta
1 EDB exploit
NA
CVE-2007-0864
SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allows remote malicious users to inject arbitrary SQL commands via the id parameter.
Lushiwarplaner Lushiwarplaner 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »