Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
joss vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5480
Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote malicious users to inject arbitrary web script or HTML via the (1) msg parameter to msg.jsp, and the (2) contentid parameter to tc/contents/home001.jsp.
Innovaage Innovashop
2 EDB exploits
NA
CVE-2008-1336
SQL injection vulnerability in Koobi CMS 4.2.3 up to and including 4.3.0 allows remote malicious users to execute arbitrary SQL commands via the categ parameter in a links action to index.php, a different vector than CVE-2008-1122.
Koobi Koobi Cms 4.2.3
Koobi Koobi Cms 4.2.4
Koobi Koobi Cms 4.2.7
Koobi Koobi Cms 4.2.8
Koobi Koobi Cms 4.2.9
Koobi Koobi Cms 4.3.0
Koobi Koobi Cms 4.2.5
Koobi Koobi Cms 4.2.6
1 EDB exploit
NA
CVE-2008-1345
Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and previous versions allows remote malicious users to inject arbitrary web script or HTML via the day parameter in a dayview action.
Myiosoft Easycalendar 4.0tr
1 EDB exploit
NA
CVE-2008-1414
Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the tab parameter to (1) index.php, as demonstrated using mixed case and encoded whitespace characters in the ...
Riceball Multiple Time Sheets
1 EDB exploit
NA
CVE-2008-1426
SQL injection vulnerability in album.asp in KAPhotoservice allows remote malicious users to execute arbitrary SQL commands via the albumid parameter.
Kaphotoservice Kaphotoservice
1 EDB exploit
NA
CVE-2008-6425
SQL injection vulnerability in news.php in ComicShout 2.8 allows remote malicious users to execute arbitrary SQL commands via the news_id parameter, a different vector than CVE-2008-2456.
Comicshout Comicshout 2.8
1 EDB exploit
NA
CVE-2010-3210
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter to (1) checkout2-CYM.php, (2) checkout2-EN.php, (3) checkout2-FR.php, (4) cat-FR.php, (5) c...
Martin Lee Multi-lingual E-commerce System 0.2
1 EDB exploit
NA
CVE-2008-0291
SQL injection vulnerability in showproduct.asp in RichStrong CMS allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Hangzhou Rui-qiang Richstrong Cms
1 EDB exploit
NA
CVE-2008-6177
Multiple directory traversal vulnerabilities in LightBlog 9.8, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) username parameter to view_member.php, (2) username_post parameter to login.ph...
Publicwarehouse Lightblog 9.8
1 EDB exploit
NA
CVE-2008-6296
admin.php in Maran PHP Shop allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie to "demo."
Maran Php Shop
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »