Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eugene minaev vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-7157
Unrestricted file upload vulnerability in EkinBoard 1.1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in upl...
Ekinboard Ekinboard
1 EDB exploit
7.5
CVSSv2
CVE-2008-7210
directory.php in AJchat 0.10 allows remote malicious users to bypass input validation and conduct SQL injection attacks via a numeric parameter with a value matching the s parameter's hash value, which prevents the associated $_GET["s"] variable from being unset. N...
Ming Han Ajchat 0.10
1 EDB exploit
6.8
CVSSv2
CVE-2008-0159
SQL injection vulnerability in index.php in eggBlog 3.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the eggblogpassword parameter in a cookie.
Eggblog Eggblog
1 EDB exploit
7.5
CVSSv2
CVE-2008-0255
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and previous versions, allows remote malicious users to execute arbitrary SQL commands via the section parameter.
Igamingcms Igaming Cms 1.5
Igamingcms Igaming Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-0157
SQL injection vulnerability in FlexBB 0.6.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the flexbb_temp_id parameter in a cookie.
Flexbb Flexbb 1.0 10005 Beta Release 1
Flexbb Flexbb
1 EDB exploit
6.8
CVSSv2
CVE-2008-0138
PHP remote file inclusion vulnerability in xoopsgallery/init_basic.php in the mod_gallery module for XOOPS, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter.
Xoops Xoopsgallery Module 1.3.3 9
1 EDB exploit
6.8
CVSSv2
CVE-2008-0147
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members action.
Smallnuke Smallnuke 2.0.4
1 EDB exploit
6.4
CVSSv2
CVE-2008-0210
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set through HTTP requests, which allows remote malicious users to bypass authentication via a sess[auth]=1 parameter settting. NOTE: this can be leveraged to conduct directory traversal a...
Uebimiau Webmail 2.7.2
Uebimiau Webmail 2.7.10
1 EDB exploit
7.5
CVSSv2
CVE-2008-0224
SQL injection vulnerability in index.php in the Newbb_plus 0.92 and previous versions module in RunCMS 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the Client-Ip parameter.
Runcms Runcms 1.6.1
Runcms Runcms 1.5.3
Runcms Runcms 1.6
1 EDB exploit
6.8
CVSSv2
CVE-2008-0139
Eval injection vulnerability in loudblog/inc/parse_old.php in Loudblog 0.8.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the template parameter.
Loudblog Loudblog
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »