Vulmon
john martinelli vulnerabilities and exploits
755
VMScore
CVE-2007-2549
SQL injection vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to execute arbitrary SQL commands via the (1) c or (2) quantity parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit
755
VMScore
CVE-2007-2247
SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote malicious users to execute arbitrary SQL commands via the item_id parameter.
Phpmyspace Phpmyspace 8.10
1 EDB exploit
755
VMScore
CVE-2007-2207
SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
755
VMScore
CVE-2007-1956
SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the C parameter.
Ubbcentral Ubb.threads
1 EDB exploit
685
VMScore
CVE-2007-2757
Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote malicious users to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php.
Dean J Robinson Redoable 1.2
1 EDB exploit
685
VMScore
CVE-2007-1996
PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and previous versions, allows remote malicious users to execute arbitrary PHP code via a URL in the process_method parameter.
Codebreak Codebreak
1 EDB exploit
585
VMScore
CVE-2007-2806
Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters.
Galix Galix 2.0
1 EDB exploit
510
VMScore
CVE-2014-9034
wp-includes/class-phpass.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 allows remote malicious users to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue...
Wordpress Wordpress 3.9.2
Wordpress Wordpress 4.0
Wordpress Wordpress
Wordpress Wordpress 3.8
Wordpress Wordpress 3.8.1
Wordpress Wordpress 3.8.2
Wordpress Wordpress 3.8.3
Wordpress Wordpress 3.9
Wordpress Wordpress 3.8.4
Wordpress Wordpress 3.9.1
2 EDB exploits
1 Github repository
435
VMScore
CVE-2007-3049
Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 allows remote malicious users to inject arbitrary web script or HTML via the title parameter.
Buttercup Wfm Buttercup Wfm May-2007
1 EDB exploit
435
VMScore
CVE-2007-2547
Cross-site scripting (XSS) vulnerability in index.php in TurnkeyWebTools SunShop Shopping Cart 4.0 allows remote malicious users to inject arbitrary web script or HTML via the l parameter.
Turnkey Web Tools Sunshop Shopping Cart 4.0
1 EDB exploit