Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1974
SQL injection vulnerability in the getArticle function in class/wfsarticle.php in WF-Section (aka WF-Sections) 1.0.1, as used in Xoops modules such as (1) Zmagazine 1.0, (2) Happy Linux XFsection 1.07 and previous versions, and possibly other modules, allows remote malicious user...
Wf-sections Wf-sections 1.0.1
Xoops Zmagazine Module 1.0
Xoops Happy Linux Xfsection Module
3 EDB exploits
NA
CVE-2005-0725
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote malicious users to execute arbitrary SQL commands via the articleid parameter to article.php.
Wf-sections Wf-sections 1.07
3 EDB exploits
NA
CVE-2009-0427
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Member Directory Manager 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Member Directory Manager 1.1
2 EDB exploits
NA
CVE-2009-0428
SQL injection vulnerability in CategoryManager/upload_image_category.asp in DMXReady Secure Document Library 1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Dmxready Secure Document Library
Dmxready Secure Document Library 1.0
2 EDB exploits
NA
CVE-2007-0620
download.php in FD Script 1.3.2 and previous versions allows remote malicious users to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php.
Vlad Leont Fd Script 1.3.2
Vlad Leont Fd Script 1.3
Vlad Leont Fd Script 1.3.1
2 EDB exploits
NA
CVE-2007-0301
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Fdweb Espace Membre
Fdweb Espace Membre 2.01
1 EDB exploit
NA
CVE-2007-0306
SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Digiappz Digiaffiliate
1 EDB exploit
NA
CVE-2006-4882
SQL injection vulnerability in Review.asp in Julian Roberts Charon Cart 3 allows remote malicious users to execute arbitrary SQL commands via the ProductID parameter.
Charon Internet Charon Cart 3
1 EDB exploit
NA
CVE-2006-5640
SQL injection vulnerability in guestbookview.asp in Techno Dreams Guest Book 1.0 earlier allows remote malicious users to execute arbitrary SQL commands via the key parameter.
Techno Dreams Techno Dreams Guest Book
1 EDB exploit
NA
CVE-2007-0554
SQL injection vulnerability in print.asp in Guo Xu Guos Posting System (GPS) 1.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Guo Xu Guos Posting System Guo Xu Guos Posting System 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »