Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blackhawk vulnerabilities and exploits
(subscribe to this query)
655
VMScore
CVE-2007-5374
cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing an admin action, which allows remote authenticated users to increase the privileges of any account.
Lightblog Lightblog 8.4.1.1
1 EDB exploit
1000
VMScore
CVE-2007-2776
AlstraSoft Template Seller Pro 3.25 and previous versions sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to inject a credential variable setting and obtain administrative access via a direct r...
Alstrasoft Template Seller
1 EDB exploit
655
VMScore
CVE-2006-6786
Open Newsletter 2.5 and previous versions allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php.
Open Newsletter Open Newsletter
Open Newsletter Open Newsletter 2.0
1 EDB exploit
755
VMScore
CVE-2014-9096
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id or (2) n parameter.
Pligg Pligg Cms
1 EDB exploit
755
VMScore
CVE-2009-1226
core/admin/delete.php in Podcast Generator 1.1 and previous versions does not properly restrict access to administrative functions, which allows remote malicious users to delete arbitrary files via the file parameter.
Podcast Generator Podcast Generator 1.0
Podcast Generator Podcast Generator 1.0 Beta
Podcast Generator Podcast Generator 0.96
Podcast Generator Podcast Generator 0.8
Podcast Generator Podcast Generator 0.6
Podcast Generator Podcast Generator 1.0 Beta3
Podcast Generator Podcast Generator 1.0 Beta2
Podcast Generator Podcast Generator 0.9
Podcast Generator Podcast Generator 0.81
Podcast Generator Podcast Generator 0.96.2
Podcast Generator Podcast Generator
Podcast Generator Podcast Generator 0.95
Podcast Generator Podcast Generator 0.94
Podcast Generator Podcast Generator 1.0 Beta4a
Podcast Generator Podcast Generator 1.0 Beta4
Podcast Generator Podcast Generator 0.93
Podcast Generator Podcast Generator 0.92
Podcast Generator Podcast Generator 0.91
1 EDB exploit
655
VMScore
CVE-2009-1230
Static code injection vulnerability in index.php in Podcast Generator 1.1 and previous versions allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.
Podcast Generator Podcast Generator 1.0 Beta4
Podcast Generator Podcast Generator 1.0 Beta3
Podcast Generator Podcast Generator 0.92
Podcast Generator Podcast Generator 0.91
Podcast Generator Podcast Generator
Podcast Generator Podcast Generator 1.0 Beta4a
Podcast Generator Podcast Generator 0.94
Podcast Generator Podcast Generator 0.93
Podcast Generator Podcast Generator 1.0
Podcast Generator Podcast Generator 1.0 Beta2
Podcast Generator Podcast Generator 1.0 Beta
Podcast Generator Podcast Generator 0.9
Podcast Generator Podcast Generator 0.81
Podcast Generator Podcast Generator 0.96.2
Podcast Generator Podcast Generator 0.96
Podcast Generator Podcast Generator 0.95
Podcast Generator Podcast Generator 0.8
Podcast Generator Podcast Generator 0.6
1 EDB exploit
755
VMScore
CVE-2007-2988
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to inject arbitrary PHP code, as demonstrated by a request to admin/create_engine.php followed...
Inout Scripts Inout Meta Search Engine
1 EDB exploit
685
VMScore
CVE-2007-2003
InoutMailingListManager 3.1 and previous versions sends a Location redirect header but does not exit after an authorization check fails, which allows remote malicious users to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redi...
Inoutmailinglistmanager Inoutmailinglistmanager
1 EDB exploit
755
VMScore
CVE-2007-2081
MyBlog 0.9.8 and previous versions allows remote malicious users to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php.
Myblog Myblog
1 EDB exploit
1000
VMScore
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »