Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
injector5 vulnerabilities and exploits
(subscribe to this query)
855
VMScore
CVE-2008-6367
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.
Socialgroupie Social Groupie -
1 EDB exploit
755
VMScore
CVE-2008-7116
SQL injection vulnerability in the admin panel (admin/) in WeBid auction script 0.5.4 allows remote malicious users to execute arbitrary SQL commands via the username.
Webidsupport Webid 0.5.4
1 EDB exploit
755
VMScore
CVE-2009-2770
PowerUpload 2.4 allows remote malicious users to bypass authentication and gain administrative access via a MIME encoded value of admin for the myadminname cookie.
Powerupload Powerupload 2.4
1 EDB exploit
755
VMScore
CVE-2009-2567
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 5.6.2 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Almondsoft Almond Classifieds 5.6.2
1 EDB exploit
755
VMScore
CVE-2009-1736
SQL injection vulnerability in the GridSupport (GS) Ticket System (com_gsticketsystem) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the catid parameter in a viewCategory action to index.php.
Joomla Com Gsticketsystem
1 EDB exploit
755
VMScore
CVE-2009-1664
myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote malicious users to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
Easy-scripts Answer And Question Script
1 EDB exploit
755
VMScore
CVE-2008-6656
Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.
Openautoclassifieds Open Auto Classifieds 1.4.3b
1 EDB exploit
755
VMScore
CVE-2008-6608
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote malicious users to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) ...
Developiteasy Events Calendar 1.2
1 EDB exploit
755
VMScore
CVE-2008-6484
SQL injection vulnerability in login.php in Mole Group Taxi Map Script (aka Taxi Calc Dist Script) allows remote malicious users to execute arbitrary SQL commands via the user field.
Mole-group Taxi Calc Dist Script -
1 EDB exploit
755
VMScore
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass para...
Developiteasy Photo Gallery 1.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »