Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kamtiez vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-3438
SQL injection vulnerability in the JoomlaFacebook (com_facebook) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a student action to index.php.
Witchakorn Kamolpornwijit Com Facebook
2 EDB exploits
7.5
CVSSv2
CVE-2009-3325
SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php.
Focusdev Com Surveymanager 1.5.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4789
Multiple PHP remote file inclusion vulnerabilities in the MojoBlog component RC 0.15 for Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) wp-comments-post.php and (2) wp-trackback.php.
Mojoblog Mojoblog Rc0.15
1 EDB exploit
7.5
CVSSv2
CVE-2010-0673
SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote malicious users to execute arbitrary SQL commands via the postid parameter.
Copperleaf Photolog 0.16
1 EDB exploit
7.5
CVSSv2
CVE-2010-0677
SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the get parameter.
Katalog.hurricane Katalog Stron Hurricane 1.3.5
1 EDB exploit
6.8
CVSSv2
CVE-2010-0678
PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the includes_directory parameter.
Katalog.hurricane Katalog Stron Hurricane 1.3.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-3644
SQL injection vulnerability in the Soundset (com_soundset) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter to index.php.
Soundset Com Soundset 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3822
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat (com_ajaxchat) component 1.0 for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter to tests/ajcuser.php.
Fijiwebdesign Com Ajaxchat 1.0
1 EDB exploit
2.6
CVSSv2
CVE-2010-1856
Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote malicious users to inject arbitrary web script or HTML via the prod parameter in a products.details action.
Realitymedias Repairshop2 1.9.023
1 EDB exploit
7.5
CVSSv2
CVE-2010-1877
SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remote malicious users to execute arbitrary SQL commands via the author parameter in a search action to index.php.
Jtmreseller Com Jtm 1.9
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »