Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cod3rz vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-2192
Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote malicious users to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.
Itcms Itcms 1.9
1 EDB exploit
7.5
CVSSv2
CVE-2008-6652
SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote malicious users to execute arbitrary SQL commands via the sitename parameter.
Insanevisions Onecms 2.5
1 EDB exploit
5
CVSSv2
CVE-2008-5105
KarjaSoft Sami FTP Server 2.0.x allows remote malicious users to cause a denial of service (daemon crash or hang) via certain (1) APPE, (2) CWD, (3) DELE, (4) MKD, (5) RMD, (6) RETR, (7) RNFR, (8) RNTO, (9) SIZE, and (10) STOR commands.
Karjasoft Sami Ftp Server 2.0.2
Karjasoft Sami Ftp Server 2.0.0
Karjasoft Sami Ftp Server 2.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-7155
NetRisk 1.9.7 does not properly restrict access to admin/change_submit.php, which allows remote malicious users to change the password of arbitrary users via a direct request.
Phprisk Netrisk 1.9.7
1 EDB exploit
7.6
CVSSv2
CVE-2008-3164
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected.
Fuzzylime Fuzzylime Cms 3.01
1 EDB exploit
7.5
CVSSv2
CVE-2008-2130
SQL injection vulnerability in poll_vote.php in iGaming CMS 1.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Igaming Cms 1.5
1 EDB exploit
5
CVSSv2
CVE-2008-6650
del.php in miniBloggie 1.0 allows remote malicious users to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
Mywebland Minibloggie 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6745
index.php in BlogPHP 2.0 allows remote malicious users to gain administrator privileges via a crafted email parameter in a register2 action.
Blogphp Blogphp 2.0
1 EDB exploit
10
CVSSv2
CVE-2008-6834
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads parameter to code/newsheads...
Fuzzylime Fuzzylime \\(cms\\) 3.0.1
Fuzzylime Fuzzylime \\(cms\\) 3.0.1a
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started