Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fuzion vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5890
SQL injection vulnerability in feeds.php in Injader prior to 2.1.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Injader Injader 2.0.3
Injader Injader 2.0.2
Injader Injader 1.6.1
Injader Injader
Injader Injader 2.1.0
1 EDB exploit
7.1
CVSSv2
CVE-2008-0729
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote malicious users to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-20...
Apple Mobile Safari
1 EDB exploit
6.8
CVSSv2
CVE-2009-0295
SQL injection vulnerability in index.php in Information Technology Light Poll Information (ITLPoll) 2.7 Stable 2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Itlpoll Itpoll 2.7
1 EDB exploit
6.5
CVSSv2
CVE-2009-0645
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
Jaws Jaws 0.8.8
1 EDB exploit
5.1
CVSSv2
CVE-2008-6851
SQL injection vulnerability in page.php in PHP Link Directory (phpLD) 3.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the name parameter.
Php Link Directory Php Link Directory 3.3
1 EDB exploit
5.1
CVSSv2
CVE-2008-5859
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the show_page parameter.
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.02.2
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms
1 EDB exploit
5.1
CVSSv2
CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to create or read arbitrary files via directory traversal sequences in the ed...
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.02.2
1 EDB exploit
5
CVSSv2
CVE-2008-5856
Directory traversal vulnerability in scripts/export.php in ClaSS prior to 0.8.61 allows remote malicious users to read arbitrary files via directory traversal sequences in the ftype parameter.
Class Class
Class Class 0.8.59
Class Class 0.8.20
Class Class 0.8.14
Class Class 0.6.1
Class Class 0.6.0
Class Class 0.4
Class Class 0.8.32
Class Class 0.8.29
Class Class 0.8.26
Class Class 0.8
Class Class 0.8.0
Class Class 0.4.1
Class Class 0.4.0
Class Class 0.8.47
Class Class 0.8.40
Class Class 0.8.5
Class Class 0.5.0
Class Class 0.4.2
Class Class 0.8.56
Class Class 0.8.51
Class Class 0.8.10
1 EDB exploit
5
CVSSv2
CVE-2008-0465
Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the files parameter.
Seagullproject.org Seagull 0.6.3
1 EDB exploit
4.3
CVSSv2
CVE-2009-3167
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the template parameter.
Anantasoft Gazelle Cms 1.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »