Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injector5 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-7117
eledicss.php in WeBid auction script 0.5.4 allows remote malicious users to modify arbitrary cascading style sheets (CSS) files via a certain request with the file parameter set to style.css. NOTE: this can probably be leveraged for cross-site scripting (XSS) attacks.
Webidsupport Webid 0.5.4
1 EDB exploit
7.5
CVSSv2
CVE-2008-7116
SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote malicious users to execute arbitrary SQL commands via the username.
Webidsupport Webid 0.5.4
1 EDB exploit
5
CVSSv2
CVE-2008-7118
WeBid auction script 0.5.4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain SQL query logs via a direct request for logs/cron.log.
Webidsupport Webid 0.5.4
1 EDB exploit
5
CVSSv2
CVE-2008-7080
Team PHP PHP Classifieds Script stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database credentials via a direct request for admin/backup/datadump.sql.
Phpclassifiedsscript Php Classifieds Script
1 EDB exploit
6
CVSSv2
CVE-2008-7021
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unsp...
Availscript Jobs Portal Script -
1 EDB exploit
7.5
CVSSv2
CVE-2009-2770
PowerUpload 2.4 allows remote malicious users to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie.
Powerupload Powerupload 2.4
1 EDB exploit
7.5
CVSSv2
CVE-2009-2567
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Almondsoft Almond Classifieds 5.6.2
1 EDB exploit
6
CVSSv2
CVE-2009-1750
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
Omnisoftsol Vidsharepro
1 EDB exploit
7.5
CVSSv2
CVE-2009-1736
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php.
Joomla Com Gsticketsystem
1 EDB exploit
6.8
CVSSv2
CVE-2009-1663
Unrestricted file upload vulnerability in myaccount.php in Easy Scripts Answer and Question Script allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads/[username...
Easy-scripts Answer And Question Script
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »