Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evuln.com vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2006-0350
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote malicious users to inject arbitrary web script or HTML via the message field to topic.php.
Epic Designs Eggblog 2.0
1 EDB exploit
755
VMScore
CVE-2006-0349
SQL injection vulnerability in eggblog 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter to blog.php.
Epic Designs Eggblog 2.0
1 EDB exploit
312
VMScore
CVE-2006-0657
Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote authenticated users to inject arbitrary web script or HTML, and corrupt data, via the (1) username and (2) password parameters, which are not sanitized before being written to users.php. ...
Softcomplex Php Event Calendar 1.5
605
VMScore
CVE-2006-4327
Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Manager 2006-06-12 allow remote malicious users to inject arbitrary web script or HTML via the (1) title, (2) description, or (3) keywords parameters.
Cloudnine Interactive Links Manager 2006-06-12
383
VMScore
CVE-2006-0958
Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft freeForum prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) subject parameters.
Zoneo-soft Freeforum 1.1.1
Zoneo-soft Freeforum 1.0.1
Zoneo-soft Freeforum 1.1
Zoneo-soft Freeforum 1.1.2
Zoneo-soft Freeforum 1.2
Zoneo-soft Freeforum 1.0
668
VMScore
CVE-2006-1259
Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) email or (2) pass parameter to admin/index.php.
Maian Support 1.0
668
VMScore
CVE-2006-0570
Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote malicious users to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative in...
Hinton Design Phpstatus 1.0
383
VMScore
CVE-2006-0571
Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.
Hinton Design Phpstatus 1.0
668
VMScore
CVE-2006-0572
phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote malicious users to bypass authentication.
Hinton Design Phpstatus 1.0
668
VMScore
CVE-2006-0602
Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) username parameter to check.php or the id parameter to (2) admin/edit_smilie.php, (3) admin/add_theme.php, (4) admin/ban_ip.php, ...
Hinton Design Phphg Guestbook 1.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »