Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4674
admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote malicious users to change an arbitrary password via a modified user_id field.
Mole-group Sky Hunter Airline Ticket Sale Script -
Mole-group Bus Ticket Script -
1 EDB exploit
NA
CVE-2009-4675
admin/admin_info/index.php in the Mole Group Gastro Portal (Restaurant Directory) Script does not require administrative authentication, which allows remote malicious users to change the admin password via an unspecified form submission.
Mole-group Gastro Portal \\(restaurant Directory\\) Script -
1 EDB exploit
NA
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
NA
CVE-2008-7045
AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2008-7046
AJ Square Free Polling Script (AJPoll) allows remote malicious users to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtain...
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2008-7051
AJ Square AJ Article allows remote malicious users to bypass authentication and access administrator functionality via a direct request to (1) user.php, (2) articles.php, (3) articlesuspend.php, (4) site.php, (5) statistics.php, (6) mail.php, (7) category.php, (8) subcategory.php...
Ajsquare Aj Article
1 EDB exploit
NA
CVE-2008-7044
SQL injection vulnerability in admin/include/newpoll.php in AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to execute arbitrary SQL commands via the ques parameter.
Ajsquare Free Polling Script
1 EDB exploit
NA
CVE-2008-6963
admin.php in TurnkeyForms Text Link Sales allows remote malicious users to bypass authentication and gain administrative privileges via a direct request.
Turnkeyforms Text Link Sales
1 EDB exploit
NA
CVE-2008-6965
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote malicious users to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mai...
Aj Square Aj Auction Web 2.0
Aj Square Aj Auction 2.0
Aj Square Aj Auction 1.0
Aj Square Aj Auction
1 EDB exploit
NA
CVE-2008-6966
AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass authentication via a direct request to admin/user.php.
Aj Square Aj Auction 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »