Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dr.crash vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4179
Multiple cross-site scripting (XSS) vulnerabilities in NooMS 1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) page_id parameter to smileys.php and the (2) q parameter to search.php.
Nooms Nooms 1.1
2 EDB exploits
NA
CVE-2008-3715
Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the FlexCMS 2.5 and previous versions, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the PreviousColorsString parameter.
Flexcms Flexcms 2.5
Flexcms Flexcms 2.0
1 EDB exploit
NA
CVE-2008-3343
SQL injection vulnerability in staticpages/easypublish/index.php in MyioSoft EasyPublish 3.0tr (trial edition) allows remote malicious users to execute arbitrary SQL commands via the read parameter in a search action.
Myiosoft Easypublish 3.0
1 EDB exploit
NA
CVE-2008-3345
SQL injection vulnerability in staticpages/easyecards/index.php in MyioSoft EasyE-Cards 3.5 trial edition (tr) and 3.10a, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a pickup action.
Myiosoft Easye-cards 3.5
Myiosoft Easye-cards 3.10
1 EDB exploit
NA
CVE-2008-3347
SQL injection vulnerability in staticpages/easycalendar/index.php in MyioSoft EasyDynamicPages 3.0 trial edition (tr) allows remote malicious users to execute arbitrary SQL commands via the read parameter.
Myiosoft Easydynamicpages 3.0
1 EDB exploit
NA
CVE-2008-3380
Cross-site scripting (XSS) vulnerability in ajaxp_backend.php in MyioSoft EasyBookMarker 4.0 trial edition (tr) allows remote malicious users to inject arbitrary web script or HTML via the rs parameter.
Myiosoft Easybookmarker 4.0
1 EDB exploit
NA
CVE-2007-3198
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions prior to 20070610, allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Maran Php Blog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started