Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d3v1l vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-6222
Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote malicious users to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
Joomlashowroom Pro Desk Support Center 1.0
Joomlashowroom Pro Desk Support Center 1.2
2 EDB exploits
4.3
CVSSv2
CVE-2008-5126
Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote malicious users to inject arbitrary web script or HTML via the search_query parameter.
Boutikone Boutikone Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-6401
SQL injection vulnerability in sayfa.php in JETIK-WEB allows remote malicious users to execute arbitrary SQL commands via the kat parameter.
Jetik Jetik-web -
1 EDB exploit
7.5
CVSSv2
CVE-2008-4497
SQL injection vulnerability in event_detail.php in Built2Go Real Estate Listings 1.5 allows remote malicious users to execute arbitrary SQL commands via the event_id parameter.
Built2go Real Estate Listings 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-4880
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
Maran Php Shop
1 EDB exploit
7.5
CVSSv2
CVE-2008-6031
SQL injection vulnerability in vote.php in WSN Links 2.22 and 2.23 allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported that 2.34 is also vulnerable.
Wsn Links Wsn Links 2.22
Wsn Links Wsn Links 2.23
1 EDB exploit
7.5
CVSSv2
CVE-2008-6179
SQL injection vulnerability in sug_cat.php in IndexScript 3.0 allows remote malicious users to execute arbitrary SQL commands via the parent_id parameter, a different vector than CVE-2007-4069.
Indexscript Indexscript 3.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-6271
Directory traversal vulnerability in index.php in TBmnetCMS 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the content parameter.
Tbmnet Tbmnetcms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5064
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
H\\&h Websoccer 2.80
1 EDB exploit
4.3
CVSSv2
CVE-2011-5177
Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to the admins (2) blocks, (3) articles, or (4) suggest-category; or (5) sort parameter ...
Esyndicat Esyndicat Pro 2.3.05
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »