Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
7.5
CVSSv2
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
5
CVSSv2
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
7.5
CVSSv2
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
7.5
CVSSv2
CVE-2007-1339
SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote malicious users to execute arbitrary SQL commands via the lcnt parameter.
Monitor-line Links Management
1 EDB exploit
7.5
CVSSv2
CVE-2007-0196
SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username field (txtUserName parameter) and possibly other parameters. NOTE: some details were obtain...
Motionborg Motionborg Web Real Estate
1 EDB exploit
7.5
CVSSv2
CVE-2007-0226
SQL injection vulnerability in wbsearch.aspx in uniForum 4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter).
Uniforum Uniforum
1 EDB exploit
6.8
CVSSv2
CVE-2007-0301
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Fdweb Espace Membre
Fdweb Espace Membre 2.01
1 EDB exploit
7.5
CVSSv2
CVE-2007-0566
SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Asp News Asp News
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »