Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingskrupellos vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-7314
SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429.
Mlwebtechnologies Prayercenter 3.0.2
1 EDB exploit
9.8
CVSSv3
CVE-2017-5215
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.
Codextrous B2j Contact
7.5
CVSSv3
CVE-2017-5214
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.
Codextrous B2j Contact
7.5
CVSSv3
CVE-2017-9030
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
Codextrous B2j Contact
7.2
CVSSv3
CVE-2016-10379
The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php.
Virtuemart Virtuemart 3.0.14
6.1
CVSSv3
CVE-2018-11532
An issue exists in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.
Changuondyu Advanced Statistics Project Changuondyu Advanced Statistics 1.0.2
1 EDB exploit
NA
CVE-2014-4960
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x up to and including 4.1.7, and possibly 3.x, for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter t...
Joomlaboat Com Youtubegallery 4.1.4
Joomlaboat Com Youtubegallery 4.1.3
Joomlaboat Com Youtubegallery 4.1.2
Joomlaboat Com Youtubegallery 4.1.1
Joomlaboat Com Youtubegallery 3.9.2
Joomlaboat Com Youtubegallery 3.9.0
Joomlaboat Com Youtubegallery 4.0.0
Joomlaboat Com Youtubegallery 3.9.9
Joomlaboat Com Youtubegallery 3.9.8
Joomlaboat Com Youtubegallery 3.9.7
Joomlaboat Com Youtubegallery 4.1.7
Joomlaboat Com Youtubegallery 4.1.5
Joomlaboat Com Youtubegallery 4.1.0
Joomlaboat Com Youtubegallery 4.0.8
Joomlaboat Com Youtubegallery 4.0.1
Joomlaboat Com Youtubegallery 3.9.6
Joomlaboat Com Youtubegallery 3.9.4
Joomlaboat Com Youtubegallery 4.1.6
Joomlaboat Com Youtubegallery 4.0.9
Joomlaboat Com Youtubegallery 4.0.2
Joomlaboat Com Youtubegallery 3.9.5
Joomlaboat Com Youtubegallery 3.9.3
1 EDB exploit
NA
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.1
Spip Spip 3.0.2
Spip Spip 3.0.3
Spip Spip 3.0.4
Spip Spip 3.0.0
Spip Spip 3.0.5
Spip Spip 3.0.7
Spip Spip 3.0.6
Spip Spip 3.0.8
Spip Spip 2.1.1
Spip Spip 2.1.2
Spip Spip 2.1.3
Spip Spip 2.1.17
Spip Spip 2.1.18
Spip Spip 2.1.19
Spip Spip 2.1.20
Spip Spip 2.1.9
Spip Spip 2.1.10
Spip Spip 2.1.11
Spip Spip 2.1.12
Spip Spip 2.1.5
Spip Spip 2.1.7
1 EDB exploit
NA
CVE-2011-0908
Open redirect vulnerability in Vanilla Forums prior to 2.0.17.6 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526.
Vanillaforums Vanilla 2.0.11
Vanillaforums Vanilla 2.0.12
Vanillaforums Vanilla 2.0.13
Vanillaforums Vanilla 2.0.14
Vanillaforums Vanilla 2.0.15
Vanillaforums Vanilla 2.0.17.2
Vanillaforums Vanilla 2.0.17.3
Vanillaforums Vanilla 2.0.17.4
Vanillaforums Vanilla
Vanillaforums Vanilla 2.0.16
Vanillaforums Vanilla 2.0.17
Vanillaforums Vanilla 2.0.10
Vanillaforums Vanilla 2.0.9
Vanillaforums Vanilla 2.0.17.1
NA
CVE-2010-2694
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the pid parameter to index.php.
Redcomponent Com Redshop 1.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »