Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1425
SQL injection vulnerability in index.php in Triexa SonicMailer Pro 3.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the list parameter in an archive action.
Triexa Sonicmailer Pro
1 EDB exploit
NA
CVE-2006-6650
PHP remote file inclusion vulnerability in charts_constants.php in the Charts (mx_charts) 1.0.0 and previous versions module for mxBB allows remote malicious users to execute arbitrary PHP code via a URL in the module_root_path parameter.
Mxbb Mxbb Charts
1 EDB exploit
NA
CVE-2007-1428
SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote malicious users to execute arbitrary SQL commands via the salary parameter.
Php Labs Jobsitepro 1.0
1 EDB exploit
NA
CVE-2009-0426
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Classified Listings Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Classified Listings Manager 1.1
1 EDB exploit
NA
CVE-2007-1615
SQL injection vulnerability in index.php in ScriptMagix Jokes 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Jokes
1 EDB exploit
NA
CVE-2007-1618
SQL injection vulnerability in index.php in ScriptMagix FAQ Builder 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Scriptmagix Scriptmagix Faq Builder
1 EDB exploit
NA
CVE-2007-1960
SQL injection vulnerability in visit.php in the Rha7 Downloads (rha7downloads) 1.0 module for XOOPS, and possibly other versions up to 1.10, allows remote malicious users to execute arbitrary SQL commands via the lid parameter.
Xoops Rha7 Downloads Module 1.0
Xoops Rha7 Downloads Module 1.10
1 EDB exploit
NA
CVE-2007-1846
SQL injection vulnerability in index.php in the MyAds 2.04jp and previous versions module for Xoops allows remote malicious users to execute arbitrary SQL commands via the cid parameter, different vectors than CVE-2006-3341.
Xoops Malaika System Myads Module
1 EDB exploit
NA
CVE-2006-4945
Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the _PHPLIB[libdir] parameter to (1) rechnung.php or (2) prepend.php.
Cardway Digitalwebshop 1.110
Cardway Digitalwebshop 1.120
Cardway Digitalwebshop 1.128
1 EDB exploit
NA
CVE-2006-4946
PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card Web Builder (BCWB) 0.99, and possibly 2.5 Beta and previous versions, allows remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter.
Cmsdevelopment Business Card Web Builder
Cmsdevelopment Business Card Web Builder 0.99
Cmsdevelopment Business Card Web Builder 2.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »