Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ka0x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4561
Multiple SQL injection vulnerabilities in Admin/index.php in WebLeague 2.2.0, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Worms-league Webleague 2.2.0
1 EDB exploit
NA
CVE-2007-6128
SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote malicious users to execute arbitrary SQL commands via the idevent parameter.
Flor De Utopia Workingonweb 2.0.1400
1 EDB exploit
NA
CVE-2007-1843
PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the gszAppPath parameter.
Maptools Maplab 2.2.1
1 EDB exploit
NA
CVE-2008-0601
SQL injection vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and previous versions allows remote malicious users to execute arbitrary SQL commands via the name parameter.
All Club Cms All Club Cms
1 EDB exploit
NA
CVE-2008-0839
SQL injection vulnerability in refer.php in the astatsPRO (com_astatspro) 1.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Astats Astatspro 1.0
Joomla Com Astatspro 1.0
1 EDB exploit
NA
CVE-2008-0262
SQL injection vulnerability in includes/articleblock.php in Agares PhpAutoVideo 2.21 allows remote malicious users to execute arbitrary SQL commands via the articlecat parameter.
Agares Media Phpautovideo 2.21
2 EDB exploits
NA
CVE-2008-5778
SQL injection vulnerability in report.php in Free Links Directory Script (FLDS) 1.2a allows remote malicious users to execute arbitrary SQL commands via the linkid parameter.
Flds Script Flds 1.2a
2 EDB exploits
NA
CVE-2008-4244
Rianxosencabos CMS 0.9 allows remote malicious users to bypass authentication and gain administrative access by setting the usuario and pass cookies to 1.
Rianxosencabos Cms Rianxosencabos Cms 0.9
2 EDB exploits
NA
CVE-2008-3152
SQL injection vulnerability in directory.php in SmartPPC and SmartPPC Pro allows remote malicious users to execute arbitrary SQL commands via the idDirectory parameter.
Orbitscripts Smartppc Pro
Orbitscripts Smartppc
2 EDB exploits
NA
CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote malicious users to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as...
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2