Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d3v1l vulnerabilities and exploits
(subscribe to this query)
510
VMScore
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
755
VMScore
CVE-2008-5064
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
H\\&h Websoccer 2.80
1 EDB exploit
435
VMScore
CVE-2009-1623
Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote malicious users to inject arbitrary web script or HTML via the PID parameter.
Dew-code Dew-newphplinks 2.0
1 EDB exploit
505
VMScore
CVE-2009-1624
Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the show parameter.
Dew-code Dew-newphplinks 2.0
1 EDB exploit
435
VMScore
CVE-2012-2371
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
Mnt-tech Wp-facethumb 0.1
1 EDB exploit
755
VMScore
CVE-2007-3811
Multiple SQL injection vulnerabilities in eSyndiCat allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to news.php or (2) the name parameter to page.php.
Esyndicat Esyndicat Directory 1.6
1 EDB exploit
755
VMScore
CVE-2010-2674
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an articolo action.
Alanzard Tsoka\\ Cms
1 EDB exploit
755
VMScore
CVE-2008-6028
SQL injection vulnerability in list.php in University of Queensland Library Fez 1.3 and 2.0 RC1 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter in a subject action.
University Of Queensland Fez 2.0
University Of Queensland Fez 1.3
1 EDB exploit
435
VMScore
CVE-2008-5126
Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote malicious users to inject arbitrary web script or HTML via the search_query parameter.
Boutikone Boutikone Cms
1 EDB exploit
755
VMScore
CVE-2008-6031
SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.
Wsn Links Wsn Links 2.22
Wsn Links Wsn Links 2.23
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »