Vulmon
byalbayx vulnerabilities and exploits
7.5
CVSSv2
CVE-2009-4806
admin/save_user.asp in Digital Interchange Document Library 1.0.1 does not require administrative authentication, which allows remote malicious users to read or modify the administrator's credentials via unspecified vectors. NOTE: some of these details are obtained from thir...
Digitalinterchange Digital Interchange Document Library 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-4202
Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
Omilenitsolutions Com Omphotogallery 0.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-2239
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter...
Joomla Com Casino Videopoker 0.3.1
Joomla Com Casinobase 0.3.1
Joomla Com Casiino Blackjack 0.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-2142
Multiple SQL injection vulnerabilities in admin/index.asp in Zip Store Chat 4.0 and 5.0 allow remote malicious users to execute arbitrary SQL commands via the (1) login and (2) senha parameters.
Zipstore Zip Store Chat 4.0
Zipstore Zip Store Chat 5.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1850
SQL injection vulnerability in index.php in phpBugTracker 1.0.3 allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Benjamin Curtis Phpbugtracker 1.0.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-1752
exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmessage2.asp, which allows remote malicious users to gain privileges via a direct request. NOTE: some of these details are obtained from third party information.
Exjune Office Message System 1
1 EDB exploit
7.5
CVSSv2
CVE-2009-1748
Multiple directory traversal vulnerabilities in index.php in Catviz 0.4.0 Beta 1 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) webpages_form or (2) userman_form parameter.
Joost Horward Catviz 0.4.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-0602
Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi 1.11 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
Wikkitikkitavi Wikkitikkitavi 1.11
1 EDB exploit
7.5
CVSSv2
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of ...
Wholehogsoftware Password Protect 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details ...
Wholehogsoftware Ware Support 1.0
2 EDB exploits