Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ajann vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4852
SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote malicious users to execute arbitrary SQL commands via the OrderBy parameter.
Quadcomm Q-shop 3.5
1 EDB exploit
NA
CVE-2006-4857
SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters.
Clicktech Clickblog 2.0
1 EDB exploit
NA
CVE-2006-4892
SQL injection vulnerability in faqview.asp in Techno Dreams FAQ Manager Package 1.0 allows remote malicious users to execute arbitrary SQL commands via the key parameter.
Techno Dreams Faq Manager Package 1.0
1 EDB exploit
NA
CVE-2006-4945
Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the _PHPLIB[libdir] parameter to (1) rechnung.php or (2) prepend.php.
Cardway Digitalwebshop 1.110
Cardway Digitalwebshop 1.120
Cardway Digitalwebshop 1.128
1 EDB exploit
NA
CVE-2006-2638
SQL injection vulnerability in member.asp in qjForum allows remote malicious users to execute arbitrary SQL commands via the uName parameter.
Qjstudios Qjforum
1 EDB exploit
NA
CVE-2006-6524
SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Uname (UserName) parameter.
Ezhrs Hr Assist
1 EDB exploit
NA
CVE-2007-0566
SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Asp News Asp News
1 EDB exploit
NA
CVE-2007-1025
PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter.
Virtualsystem Vs-link-partner
1 EDB exploit
NA
CVE-2007-2370
SQL injection vulnerability in index.php in the John Mordo Jobs 2.4 and previous versions module for XOOPS allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a jobsview action. NOTE: the module name was originally reported as Job Listings.
Xoops John Mordo Jobs Module
1 EDB exploit
NA
CVE-2010-2359
SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote malicious users to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007-1706.
Activewebsoftwares Ewebquiz 8.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »