Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indoushka vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-0371
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hitmaaan Gallery 1.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) gall and (2) levela parameters.
Hitmaaan Hitmaaan Gallery 1.3
1 EDB exploit
6.8
CVSSv2
CVE-2010-0390
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote malicious users to execute arbitrary code by uploading a file w...
Phpf1 Max\\'s Image Uploader 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-1741
SQL injection vulnerability in request_account.php in Billwerx RC 5.2.2 PL2 allows remote malicious users to execute arbitrary SQL commands via the primary_number parameter.
Billwerx Billwerx Rc 5.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2010-1114
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) pg parameter to index.php and the (2) path parameter to news/form.php.
Comscripts Web Server Creator Web Portal 0.1
1 EDB exploit
4.3
CVSSv2
CVE-2009-4446
Cross-site scripting (XSS) vulnerability in admin.php in phpInstantGallery 1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Ikemcg Phpinstantgallery 1.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-4451
Unrestricted file upload vulnerability in upper.php in kandalf upper 0.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in fileup/.
Php.html Kandalf Upper 0.1
1 EDB exploit
4.3
CVSSv2
CVE-2009-4461
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php.
Flatpress Flatpress 0.909
1 EDB exploit
5.8
CVSSv2
CVE-2010-0756
Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote malicious users to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main.
Wikyblog Wikyblog 1.7.3
1 EDB exploit
4.3
CVSSv2
CVE-2010-1113
Cross-site scripting (XSS) vulnerability in the forum page in Web Server Creator - Web Portal 0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors to index.php.
Comscripts Web Server Creator Web Portal 0.1
1 EDB exploit
4.3
CVSSv2
CVE-2010-0365
Cross-site scripting (XSS) vulnerability in search.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allows remote malicious users to inject arbitrary web script or HTML via the order parameter.
Bitscripts Bits Video Script 2.04
Bitscripts Bits Video Script 2.05
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »