Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghc vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-30502
The unofficial vscode-ghc-simple (aka Simple Glasgow Haskell Compiler) extension prior to 0.2.3 for Visual Studio Code allows remote code execution via a crafted workspace configuration with replCommand.
7.5
CVSSv2
CVE-2008-0770
SQL injection vulnerability in arcade.php in ibProArcade 3.3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the g_display_order cookie parameter.
Ibproarcade Ibproarcade
1 EDB exploit
6.8
CVSSv2
CVE-2008-0478
Directory traversal vulnerability in index.php in SetCMS 3.6.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the set parameter, as demonstrated by sending a certain CLIENT_IP HTTP header in an enter action to index.php, and injec...
Setcms Setcms 3.6.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-0461
SQL injection vulnerability in index.php in the Search module in PHP-Nuke 8.0 FINAL and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the sid parameter in a comments action to modules.php. NOTE: some of t...
Francisco Burzi Php-nuke
1 EDB exploit
7.5
CVSSv2
CVE-2008-0421
SQL injection vulnerability in Invision Gallery 2.0.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via the album parameter in a rate command.
Invision Power Services Invision Gallery
1 EDB exploit
7.5
CVSSv2
CVE-2005-2383
SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote malicious users to execute arbitrary SQL commands via the user parameter in an HTTP POST request.
Phpnews Phpnews 1.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2005-0368
Multiple SQL injection vulnerabilities in CMScore allow remote malicious users to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php.
Chipmunk Scripts Cmscore
1 EDB exploit
5
CVSSv2
CVE-2005-0435
awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to read server web logs by setting the loadplugin and pluginmode parameters to rawlog.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
7.5
CVSSv2
CVE-2005-0805
SQL injection vulnerability in index.php in Subdreamer Light, when magic_quotes_gpc is enabled, allows remote malicious users to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not prop...
Subdreamer Subdreamer Light 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-0436
Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote malicious users to execute portions of Perl code via the PluginMode parameter.
Awstats Awstats 6.3
Awstats Awstats 6.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »