Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingskrupellos vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-7314
SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429.
Mlwebtechnologies Prayercenter 3.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2017-5215
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.
Codextrous B2j Contact
7.5
CVSSv2
CVE-2014-4960
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x up to and including 4.1.7, and possibly 3.x, for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter t...
Joomlaboat Com Youtubegallery 4.1.4
Joomlaboat Com Youtubegallery 4.1.3
Joomlaboat Com Youtubegallery 4.1.2
Joomlaboat Com Youtubegallery 4.1.1
Joomlaboat Com Youtubegallery 3.9.2
Joomlaboat Com Youtubegallery 3.9.0
Joomlaboat Com Youtubegallery 4.0.0
Joomlaboat Com Youtubegallery 3.9.9
Joomlaboat Com Youtubegallery 3.9.8
Joomlaboat Com Youtubegallery 3.9.7
Joomlaboat Com Youtubegallery 4.1.7
Joomlaboat Com Youtubegallery 4.1.5
Joomlaboat Com Youtubegallery 4.1.0
Joomlaboat Com Youtubegallery 4.0.8
Joomlaboat Com Youtubegallery 4.0.1
Joomlaboat Com Youtubegallery 3.9.6
Joomlaboat Com Youtubegallery 3.9.4
Joomlaboat Com Youtubegallery 4.1.6
Joomlaboat Com Youtubegallery 4.0.9
Joomlaboat Com Youtubegallery 4.0.2
Joomlaboat Com Youtubegallery 3.9.5
Joomlaboat Com Youtubegallery 3.9.3
1 EDB exploit
7.5
CVSSv2
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.1
Spip Spip 3.0.2
Spip Spip 3.0.3
Spip Spip 3.0.4
Spip Spip 3.0.0
Spip Spip 3.0.5
Spip Spip 3.0.7
Spip Spip 3.0.6
Spip Spip 3.0.8
Spip Spip 2.1.1
Spip Spip 2.1.2
Spip Spip 2.1.3
Spip Spip 2.1.17
Spip Spip 2.1.18
Spip Spip 2.1.19
Spip Spip 2.1.20
Spip Spip 2.1.9
Spip Spip 2.1.10
Spip Spip 2.1.11
Spip Spip 2.1.12
Spip Spip 2.1.5
Spip Spip 2.1.7
1 EDB exploit
7.5
CVSSv2
CVE-2010-2694
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the pid parameter to index.php.
Redcomponent Com Redshop 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-2678
SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the Itemid parameter to index.php.
Guillermo Vargas Com Xmap
7.5
CVSSv2
CVE-2010-2679
SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a view action to index.php.
Joomla Com Weblinks
Joomla Joomla\\!
1 EDB exploit
7.5
CVSSv2
CVE-2010-2255
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component prior to 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component prior to 1.2 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ...
Tamlyncreative Com Bfsurvey Profree 1.2.6
Tamlyncreative Com Bfsurvey Pro
Tamlyncreative Com Bfsurvey Basic
1 EDB exploit
7.5
CVSSv2
CVE-2010-1559
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component prior to 3.2.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a speakerpopup action to index.php. NOTE: some of these details are obtained from thir...
Martin Hess Com Sermonspeaker 3.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2010-1477
SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component prior to 3.2.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a latest_sermons action to index.php.
Martin Hess Com Sermonspeaker
Martin Hess Com Sermonspeaker 2.9
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »