Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dr.crash vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-4179
Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) page_id parameter to smileys.php and the (2) q parameter to search.php.
Nooms Nooms 1.1
2 EDB exploits
4.3
CVSSv2
CVE-2008-3380
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote malicious users to inject arbitrary web script or HTML via the rs parameter.
Myiosoft Easybookmarker 4.0
1 EDB exploit
2.6
CVSSv2
CVE-2008-3715
Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCMS 2.5 and previous versions, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the PreviousColorsString parameter.
Flexcms Flexcms 2.5
Flexcms Flexcms 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-3347
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote malicious users to execute arbitrary SQL commands via the read parameter.
Myiosoft Easydynamicpages 3.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-3198
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions prior to 20070610, allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Maran Php Blog
1 EDB exploit
7.5
CVSSv2
CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote malicious users to execute arbitrary SQL commands via the read parameter in a search action.
Myiosoft Easypublish 3.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-3345
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a pickup action.
Myiosoft Easye-cards 3.5
Myiosoft Easye-cards 3.10
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started