Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blackhawk vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-2824
SQL injection vulnerability in paypal.php in AlstraSoft E-Friends 4.21 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pack parameter in a paypal action for index.php.
Alstrasoft E-friends
1 EDB exploit
1000
VMScore
CVE-2007-2775
AlstraSoft Live Support 1.21 sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to obtain administrative access via a direct request to admin/managesettings.php.
Alstrasoft Live Support 1.21
1 EDB exploit
1000
VMScore
CVE-2007-2776
AlstraSoft Template Seller Pro 3.25 and previous versions sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote malicious users to inject a credential variable setting and obtain administrative access via a direct r...
Alstrasoft Template Seller
1 EDB exploit
1000
VMScore
CVE-2007-2371
admin/index.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and previous versions provides access to configuration modification before login, which allows remote malicious users to cause a denial of service (loss of configuration data), and possibly perform direct static code ...
Gregory Kokanosky Phpmynewsletter
1 EDB exploit
1000
VMScore
CVE-2007-2372
admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and previous versions prints a Location header but does not exit when administrative credentials are missing, which allows remote malicious users to compose an e-mail message via a post with the subject, message, f...
Gregory Kokanosky Phpmynewsletter
1 EDB exploit
755
VMScore
CVE-2014-9096
Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id or (2) n parameter.
Pligg Pligg Cms
1 EDB exploit
755
VMScore
CVE-2009-1226
core/admin/delete.php in Podcast Generator 1.1 and previous versions does not properly restrict access to administrative functions, which allows remote malicious users to delete arbitrary files via the file parameter.
Podcast Generator Podcast Generator 1.0
Podcast Generator Podcast Generator 1.0 Beta
Podcast Generator Podcast Generator 0.96
Podcast Generator Podcast Generator 0.8
Podcast Generator Podcast Generator 0.6
Podcast Generator Podcast Generator 1.0 Beta3
Podcast Generator Podcast Generator 1.0 Beta2
Podcast Generator Podcast Generator 0.9
Podcast Generator Podcast Generator 0.81
Podcast Generator Podcast Generator 0.96.2
Podcast Generator Podcast Generator
Podcast Generator Podcast Generator 0.95
Podcast Generator Podcast Generator 0.94
Podcast Generator Podcast Generator 1.0 Beta4a
Podcast Generator Podcast Generator 1.0 Beta4
Podcast Generator Podcast Generator 0.93
Podcast Generator Podcast Generator 0.92
Podcast Generator Podcast Generator 0.91
1 EDB exploit
755
VMScore
CVE-2008-0350
admin/index.php in Evilsentinel 1.0.9 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to gain administrative privileges and make arbitrary configuration changes.
Evilsentinel Evilsentinel
1 EDB exploit
755
VMScore
CVE-2007-3586
Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and previous versions allow remote malicious users to inject arbitrary PHP code into (1) a _score.txt file via the score parameter, or (2) a _setby.txt file via a login cookie, which is then included by games.ph...
Mycms Mycms
1 EDB exploit
755
VMScore
CVE-2007-3587
MyCMS 0.9.8 and previous versions allows remote malicious users to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php.
Mycms Mycms
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »