Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46581
SQL injection vulnerability in Inventory Management v.1.0 allows a local malicious user to execute arbitrary code via the name, uname and email parameters in the registration.php component.
Code-projects Inventory Management 1.0
1 Github repository
5
CVSSv2
CVE-2010-1658
Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote malicious users to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
Code-garage Com Noticeboard 1.3
1 EDB exploit
NA
CVE-2023-46020
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
Code-projects Blood Bank 1.0
1 Github repository
7.5
CVSSv2
CVE-2006-6551
PHP remote file inclusion vulnerability in libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainutils.inc.php in Tucows Client Code Suite (CCS) 1.2.1015 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _ENV[TCA_HOME] parameter.
Tucows Client Code Suite 1.2.1015
1 EDB exploit
7.5
CVSSv2
CVE-2007-2569
Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the friendly_path parameter to (1) core/data/yaml.inc.php, or _load.php in (2) core/data/, (3) core/display/, or (4) ...
Practical Creative And Code Friendly
1 EDB exploit
NA
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows malicious users to run arbitrary SQL commands via 'remail' parameter.
Code-projects Blood Bank 1.0
1 Github repository
NA
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
Code-projects Blood Bank 1.0
2 Github repositories
NA
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
Code-projects Blood Bank 1.0
1 Github repository
NA
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via the 'bid' parameter.
Code-projects Blood Bank 1.0
1 Github repository
7.5
CVSSv2
CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin prior to 3.5 for WordPress allows unauthenticated malicious users to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The ...
Oturia Smart Google Code Inserter
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »