Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
byalbayx vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2009-0459
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Password Protect: Enhanced 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of ...
Wholehogsoftware Password Protect 1.0
2 EDB exploits
760
VMScore
CVE-2009-0458
Multiple SQL injection vulnerabilities in admin/login_submit.php in Whole Hog Ware Support 1.x allow remote malicious users to execute arbitrary SQL commands via (1) the uid parameter (aka Username field) or (2) the pwd parameter (aka Password field). NOTE: some of these details ...
Wholehogsoftware Ware Support 1.0
2 EDB exploits
755
VMScore
CVE-2009-2239
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter...
Joomla Com Casino Videopoker 0.3.1
Joomla Com Casinobase 0.3.1
Joomla Com Casiino Blackjack 0.3.1
1 EDB exploit
755
VMScore
CVE-2009-0252
Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote malicious users to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are o...
Enthrallweb Ereservations
1 EDB exploit
755
VMScore
CVE-2009-0602
Unrestricted file upload vulnerability in upload.php in WikkiTikkiTavi 1.11 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in img/.
Wikkitikkitavi Wikkitikkitavi 1.11
1 EDB exploit
755
VMScore
CVE-2009-0281
SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Warhound Walking Club
1 EDB exploit
505
VMScore
CVE-2009-1495
Web File Explorer 3.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for data/db.mdb.
Webfileexplorer Web File Explorer 3.1
1 EDB exploit
505
VMScore
CVE-2009-2022
fipsCMS Light 2.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file and obtain sensitive information via a direct request for _fipsdb/db.mdb.
Fipsasp Fipscms Light 2.1
1 EDB exploit
505
VMScore
CVE-2009-2024
Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt.
Vt.rovno Asp Vt Auth 1.0
1 EDB exploit
505
VMScore
CVE-2009-2100
Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote malicious users to read arbitrary files via directory traversal sequences in the section parameter to index.php.
Joomlapraise Com Projectfork 2.0.10
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »