Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
d3v1l vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2009-1623
Cross-site scripting (XSS) vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote malicious users to inject arbitrary web script or HTML via the PID parameter.
Dew-code Dew-newphplinks 2.0
1 EDB exploit
755
VMScore
CVE-2007-6376
Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the filename parameter, a different vector than CVE-2006-4190. NOTE: the provenance of this informati...
Francisco Burzi Php-nuke 8.0 Final
1 EDB exploit
435
VMScore
CVE-2009-2172
Cross-site scripting (XSS) vulnerability in forum/radioandtv.php in the Radio and TV Player addon for vBulletin allows remote registered users to inject arbitrary web script or HTML via the station parameter.
Dream Radio And Tv Player Addon For Vbulletin
1 EDB exploit
755
VMScore
CVE-2008-4880
SQL injection vulnerability in prodshow.php in Maran PHP Shop allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2008-4879.
Maran Php Shop
1 EDB exploit
755
VMScore
CVE-2008-5064
SQL injection vulnerability in liga.php in H&H WebSoccer 2.80 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
H\\&h Websoccer 2.80
1 EDB exploit
505
VMScore
CVE-2009-1624
Directory traversal vulnerability in index.php in Dew-NewPHPLinks 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the show parameter.
Dew-code Dew-newphplinks 2.0
1 EDB exploit
755
VMScore
CVE-2010-2674
SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an articolo action.
Alanzard Tsoka\\ Cms
1 EDB exploit
435
VMScore
CVE-2012-2371
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
Mnt-tech Wp-facethumb 0.1
1 EDB exploit
435
VMScore
CVE-2008-5126
Cross-site scripting (XSS) vulnerability in search.php in BoutikOne CMS allows remote malicious users to inject arbitrary web script or HTML via the search_query parameter.
Boutikone Boutikone Cms
1 EDB exploit
435
VMScore
CVE-2011-5177
Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to the admins (2) blocks, (3) articles, or (4) suggest-category; or (5) sort parameter ...
Esyndicat Esyndicat Pro 2.3.05
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »