Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d3v1l vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
NA
CVE-2008-4880
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
Maran Php Shop
1 EDB exploit
NA
CVE-2007-3811
Multiple SQL injection vulnerabilities in eSyndiCat allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php.
Esyndicat Esyndicat Directory 1.6
1 EDB exploit
NA
CVE-2007-6376
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this informati...
Francisco Burzi Php-nuke 8.0 Final
1 EDB exploit
NA
CVE-2008-6028
SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter in a subject action.
University Of Queensland Fez 2.0
University Of Queensland Fez 1.3
1 EDB exploit
NA
CVE-2008-6031
SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.
Wsn Links Wsn Links 2.22
Wsn Links Wsn Links 2.23
1 EDB exploit
NA
CVE-2008-6033
SQL injection vulnerability in comments.php in WSN Links 2.20 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Wsn Links Wsn Links 2.20
1 EDB exploit
NA
CVE-2008-6271
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the content parameter.
Tbmnet Tbmnetcms 1.0
1 EDB exploit
NA
CVE-2008-6401
SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote malicious users to execute arbitrary SQL commands via the kat parameter.
Jetik Jetik-web -
1 EDB exploit
NA
CVE-2009-2172
Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter.
Dream Radio And Tv Player Addon For Vbulletin
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »