Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fuzion vulnerabilities and exploits
(subscribe to this query)
265
VMScore
CVE-2008-0334
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote malicious users to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
Pmachine Pmachine Pro 2.4.1
1 EDB exploit
505
VMScore
CVE-2008-0465
Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the files parameter.
Seagullproject.org Seagull 0.6.3
1 EDB exploit
715
VMScore
CVE-2008-0729
Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 allows remote malicious users to cause a denial of service (memory exhaustion and device crash) via certain JavaScript code that constructs a long string and an array containing long string elements, possibly a related issue to CVE-20...
Apple Mobile Safari
1 EDB exploit
505
VMScore
CVE-2008-5856
Directory traversal vulnerability in scripts/export.php in ClaSS prior to 0.8.61 allows remote malicious users to read arbitrary files via directory traversal sequences in the ftype parameter.
Class Class
Class Class 0.8.59
Class Class 0.8.20
Class Class 0.8.14
Class Class 0.6.1
Class Class 0.6.0
Class Class 0.4
Class Class 0.8.32
Class Class 0.8.29
Class Class 0.8.26
Class Class 0.8
Class Class 0.8.0
Class Class 0.4.1
Class Class 0.4.0
Class Class 0.8.47
Class Class 0.8.40
Class Class 0.8.5
Class Class 0.5.0
Class Class 0.4.2
Class Class 0.8.56
Class Class 0.8.51
Class Class 0.8.10
1 EDB exploit
515
VMScore
CVE-2008-5859
SQL injection vulnerability in index.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the show_page parameter.
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.02.2
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms
1 EDB exploit
515
VMScore
CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to create or read arbitrary files via directory traversal sequences in the ed...
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.01.0
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.02.2
1 EDB exploit
755
VMScore
CVE-2008-5890
SQL injection vulnerability in feeds.php in Injader prior to 2.1.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Injader Injader 2.0.3
Injader Injader 2.0.2
Injader Injader 1.6.1
Injader Injader
Injader Injader 2.1.0
1 EDB exploit
265
VMScore
CVE-2008-5847
Constructr CMS 3.02.5 and previous versions stores passwords in cleartext in a MySQL database, which allows context-dependent malicious users to obtain sensitive information by reading the hash column.
Constructr Constructr-cms 3.02.2
Constructr Constructr-cms 3.02.1
Constructr Constructr-cms 3.01.4
Constructr Constructr-cms 3.01.3
Constructr Constructr-cms 3.01.2
Constructr Constructr-cms 3.02.4
Constructr Constructr-cms 3.02.3
Constructr Constructr-cms 3.01.6
Constructr Constructr-cms 3.01.5
Constructr Constructr-cms 3.00.0
Constructr Constructr-cms
Constructr Constructr-cms 3.01.8
Constructr Constructr-cms 3.01.7
Constructr Constructr-cms 3.00.2
Constructr Constructr-cms 3.00.1
Constructr Constructr-cms 3.02.0
Constructr Constructr-cms 3.01.9
Constructr Constructr-cms 3.01.1
Constructr Constructr-cms 3.01.0
1 EDB exploit
435
VMScore
CVE-2008-5748
Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote malicious users to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.
Bloofox Bloofoxcms 0.3.4
1 EDB exploit
655
VMScore
CVE-2009-0645
Directory traversal vulnerability in index.php in Jaws 0.8.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) language, (2) Introduction_complete, and (3) use_log parameters, different vectors than CVE-2004-2445.
Jaws Jaws 0.8.8
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »