Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication bypass vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2021-43136
An authentication bypass issue in FormaLMS <= 2.4.4 allows an malicious user to bypass the authentication mechanism and obtain a valid access to the platform.
Formalms Formalms
685
VMScore
CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.
China-on-site Flexphpdirectory 0.0.1
1 EDB exploit
685
VMScore
CVE-2008-6750
Unrestricted file upload vulnerability in add.php in FlexPHPDirectory 0.0.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photo/.
China-on-site Flexphpdirectory 0.0.1
1 EDB exploit
505
VMScore
CVE-2005-3432
MiniGal 2 (MG2) 0.5.1 allows remote malicious users to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.
Thomas Rybak Minigal 2 0.5.1
Thomas Rybak Minigal 2 B13
1 EDB exploit
755
VMScore
CVE-2005-1149
SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameters.
1 EDB exploit
755
VMScore
CVE-2012-6626
SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the username field.
Brian Cabunac Browser To Email Phone Message System 1.0
1 EDB exploit
755
VMScore
CVE-2010-1046
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
Ryan Marshall Rostermain
1 EDB exploit
685
VMScore
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
755
VMScore
CVE-2008-6270
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL command via the user parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
755
VMScore
CVE-2008-6272
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL command via the pass parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »