Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
girex vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3416
SQL injection vulnerability in modules/members.php in IceBB prior to 1.0-rc9.3 allows remote malicious users to execute arbitrary SQL commands via the username parameter in a members action to index.php, related to an incorrect protection mechanism in the clean_string function in...
Icebb Icebb 1.0
1 EDB exploit
NA
CVE-2008-2028
miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote malicious users to obtain the full path via a direct request to the glang parameter in a registernew action to index.php, which leaks the path in an error message.
Minibb Minibb
1 EDB exploit
NA
CVE-2008-1860
Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and previous versions allows remote malicious users to inject arbitrary PHP code into includes/Config.php via the default parameter.
Lokicms Lokicms 0.3.1b1
Lokicms Lokicms 0.3.1b2
Lokicms Lokicms 0.3.2b1
Lokicms Lokicms
Lokicms Lokicms 0.2.0
Lokicms Lokicms 0.3.0
Lokicms Lokicms 0.1.0
Lokicms Lokicms 0.1.0rc1
1 EDB exploit
NA
CVE-2008-1911
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a cookpass cookie.
1024 Cms 1024 Cms 1.4.2
1 EDB exploit
NA
CVE-2008-7064
Directory traversal vulnerability in the get_lang function in global.php in Quicksilver Forums 1.4.2 and previous versions, as used in QSF Portal prior to 1.4.5, when running on Windows, allows remote malicious users to include and execute arbitrary local files via a "\"...
Quicksilver Forums Quicksilver Forums 1.4.2
1 EDB exploit
NA
CVE-2008-1553
Directory traversal vulnerability in mod.php in TopperMod 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the to parameter.
Topper Toppermod 1.0
1 EDB exploit
NA
CVE-2008-1554
SQL injection vulnerability in account/index.php in TopperMod 2.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism.
Topper Toppermod 2.0
1 EDB exploit
NA
CVE-2008-2024
Cross-site scripting (XSS) vulnerability in index.php in miniBB 2.2, and possibly earlier, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the glang[] parameter in a registernew action.
Minibb Minibb
1 EDB exploit
NA
CVE-2008-3153
SQL injection vulnerability in Triton CMS Pro allows remote malicious users to execute arbitrary SQL commands via the X-Forwarded-For HTTP header.
Tritoncms Triton Cms Pro
1 EDB exploit
NA
CVE-2009-1949
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Unclassified Newsboard 1.6.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »