john martinelli vulnerabilities and exploits
7.5
CVSSv2
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-2247
SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote malicious users to execute arbitrary SQL commands via the item_id parameter.
Phpmyspace Phpmyspace 8.10
1 EDB exploit
7.5
CVSSv2
CVE-2007-2207
SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
7.5
CVSSv2
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the C parameter.
Ubbcentral Ubb.threads
1 EDB exploit
6.8
CVSSv2
CVE-2007-2757
Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote malicious users to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php.
Dean J Robinson Redoable 1.2
1 EDB exploit
6.8
CVSSv2
CVE-2007-1996
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and previous versions, allows remote malicious users to execute arbitrary PHP code via a URL in the process_method parameter.
Codebreak Codebreak
1 EDB exploit
5.8
CVSSv2
CVE-2007-2806
Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters.
Galix Galix 2.0
1 EDB exploit
5
CVSSv2
CVE-2014-9034
wp-includes/class-phpass.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 allows remote malicious users to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue...
Wordpress Wordpress 3.9.2
Wordpress Wordpress 4.0
Wordpress Wordpress
Wordpress Wordpress 3.8
Wordpress Wordpress 3.8.1
Wordpress Wordpress 3.8.2
Wordpress Wordpress 3.8.3
Wordpress Wordpress 3.9
Wordpress Wordpress 3.8.4
Wordpress Wordpress 3.9.1
2 EDB exploits
1 Github repository
4.3
CVSSv2
CVE-2007-3049
Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 allows remote malicious users to inject arbitrary web script or HTML via the title parameter.
Buttercup Wfm Buttercup Wfm May-2007
1 EDB exploit
4.3
CVSSv2
CVE-2007-2547
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to inject arbitrary web script or HTML via the l parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit