Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
g4n0k vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6912
Zeeways SHAADICLONE 2.0 allows remote malicious users to bypass authentication and gain administrative privileges via a direct request to admin/home.php.
Zeeways Shaadiclone 2.0
2 EDB exploits
9.3
CVSSv2
CVE-2009-1641
Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote malicious users to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
Mini-stream Ripper 3.0.1.1
2 EDB exploits
7.5
CVSSv2
CVE-2008-6231
Pre Classified Listing PHP allows remote malicious users to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Preprojects Pre Classified Listings -
2 EDB exploits
7.5
CVSSv2
CVE-2008-6232
Pre Shopping Mall allows remote malicious users to bypass authentication and gain administrative access by setting the (1) adminname and the (2) adminid cookies to "admin".
Preprojects Pre Shopping Mall -
2 EDB exploits
9.3
CVSSv2
CVE-2009-1645
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote malicious users to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.
Mini-stream Easy Rm-mp3 Converter 3.0.0.7
2 EDB exploits
7.5
CVSSv2
CVE-2008-6349
SQL injection vulnerability in survey_results_text.php in TurnkeyForms Business Survey Pro 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Turnkeyforms Business Survey Pro 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-6629
Cross-site scripting (XSS) vulnerability in detail.php in WEBBDOMAIN Multi Languages WebShop Online 1.02 allows remote malicious users to inject arbitrary web script or HTML via the name parameter.
Webbdomain Webshop Online 1.02
1 EDB exploit
4.3
CVSSv2
CVE-2008-6715
Multiple cross-site scripting (XSS) vulnerabilities in Pre ADS Portal 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the msg parameter to (1) homeadmin/adminhome.php and (2) homeadmin/signinform.php.
Preprojects Pre Ads Portal
1 EDB exploit
7.5
CVSSv2
CVE-2008-5221
The account_save action in admin/userinfo.php in wPortfolio 0.3 and previous versions does not require authentication and does not require knowledge of the original password, which allows remote malicious users to change the admin account password via modified password and passwo...
Wportfolio Wportfolio
Wportfolio Wportfolio 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-5219
The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and previous versions does not check for administrative authentication and does not require knowledge of the original password, which allows remote malicious users to change the admin account password via modified...
Videoscript Videoscript
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »