Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k1tk4t vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5300
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some...
Wzdftpd Wzdftpd 0.8.0
Wzdftpd Wzdftpd 0.8.2
1 EDB exploit
NA
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote malicious users to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the ...
Redline Software Lanai Cms 1.2.14
4 EDB exploits
NA
CVE-2006-6634
Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and previous versions component for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events.php, (2) the ...
Mambo Extcalthai Module
2 EDB exploits
NA
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action...
Freewebshop Freewebshop 2.2.1
2 EDB exploits
NA
CVE-2008-3203
js/pages/pages_data.php in AuraCMS 2.2 up to and including 2.2.2 does not perform authentication, which allows remote malicious users to add, edit, and delete web content via a modified id parameter.
Auracms Auracms 2.2.2
Auracms Auracms 2.2
Auracms Auracms 2.2.1
1 EDB exploit
NA
CVE-2005-1032
Rejected reason: cart.php in LiteCommerce might allow remote malicious users to obtain sensitive information via invalid (1) category_id or (2) product_id parameters. NOTE: this issue was originally claimed to be due to SQL injection, but the original researcher is known to be fr...
1 EDB exploit
NA
CVE-2007-4156
Multiple SQL injection vulnerabilities in wolioCMS allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in common.php; and the (2) loginid parameter (uid variable), and possibly the (...
Woliocms Woliocms
1 EDB exploit
NA
CVE-2007-4171
SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) allows remote malicious users to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information.
Auracms Modul Forum Sederhana
1 EDB exploit
NA
CVE-2007-4253
SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263.
Envolution Envolution
1 EDB exploit
NA
CVE-2007-0181
PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote malicious users to execute arbitrary PHP code via a URL in the _config[site_path] parameter.
Scriptaty Magic Photo Storage Website
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »