Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indoushka vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-1114
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the (2) path parameter to news/form.php.
Comscripts Web Server Creator Web Portal 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-0755
PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote malicious users to execute arbitrary PHP code via a URL in the langFile parameter.
Wikyblog Wikyblog 1.7.3
1 EDB exploit
5.8
CVSSv2
CVE-2010-0756
Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote malicious users to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main.
Wikyblog Wikyblog 1.7.3
1 EDB exploit
5
CVSSv2
CVE-2010-1065
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/lebisoft.mdb.
Lebisoft Ziyaretci Defteri 7.4
Lebisoft Ziyaretci Defteri 7.5
1 EDB exploit
7.5
CVSSv2
CVE-2012-1210
SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pfile 1.02
1 EDB exploit
4.3
CVSSv2
CVE-2010-0365
Cross-site scripting (XSS) vulnerability in search.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allows remote malicious users to inject arbitrary web script or HTML via the order parameter.
Bitscripts Bits Video Script 2.04
Bitscripts Bits Video Script 2.05
1 EDB exploit
4.3
CVSSv2
CVE-2010-0371
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hitmaaan Gallery 1.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) gall and (2) levela parameters.
Hitmaaan Hitmaaan Gallery 1.3
1 EDB exploit
4.3
CVSSv2
CVE-2009-4678
Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Winn Winn Guestbook 2.4
1 EDB exploit
4.3
CVSSv2
CVE-2012-1211
Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote malicious users to inject arbitrary web script or HTML via the filecat parameter.
Powie Pfile 1.02
1 EDB exploit
4.3
CVSSv2
CVE-2004-1975
Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote malicious users to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.
Php Arena Pafiledb 3.0
Php Arena Pafiledb 3.0 Beta 3.1
Php Arena Pafiledb 3.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »