Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingskrupellos vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-7314
SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429.
Mlwebtechnologies Prayercenter 3.0.2
1 EDB exploit
9.8
CVSSv3
CVE-2017-5215
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows a rename attack that bypasses a "safe file extension" protection mechanism, leading to remote code execution.
Codextrous B2j Contact
7.5
CVSSv3
CVE-2017-5214
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows prediction of a uniqid value based on knowledge of a time value. This makes it easier to read arbitrary uploaded files.
Codextrous B2j Contact
7.5
CVSSv3
CVE-2017-9030
The Codextrous B2J Contact (aka b2j_contact) extension prior to 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files.
Codextrous B2j Contact
7.2
CVSSv3
CVE-2016-10379
The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php.
Virtuemart Virtuemart 3.0.14
6.1
CVSSv3
CVE-2018-11532
An issue exists in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. changstats.php has XSS, as demonstrated by a subject field.
Changuondyu Advanced Statistics Project Changuondyu Advanced Statistics 1.0.2
1 EDB exploit
NA
CVE-2014-4960
Multiple SQL injection vulnerabilities in models\gallery.php in Youtube Gallery (com_youtubegallery) component 4.x up to and including 4.1.7, and possibly 3.x, for Joomla! allow remote malicious users to execute arbitrary SQL commands via the (1) listid or (2) themeid parameter t...
Joomlaboat Com Youtubegallery 3.9.9
Joomlaboat Com Youtubegallery 4.1.6
Joomlaboat Com Youtubegallery 4.1.2
Joomlaboat Com Youtubegallery 3.9.6
Joomlaboat Com Youtubegallery 4.0.2
Joomlaboat Com Youtubegallery 4.1.0
Joomlaboat Com Youtubegallery 3.9.7
Joomlaboat Com Youtubegallery 4.1.3
Joomlaboat Com Youtubegallery 3.9.2
Joomlaboat Com Youtubegallery 4.1.5
Joomlaboat Com Youtubegallery 4.1.7
Joomlaboat Com Youtubegallery 3.9.0
Joomlaboat Com Youtubegallery 3.9.4
Joomlaboat Com Youtubegallery 4.0.0
Joomlaboat Com Youtubegallery 4.1.1
Joomlaboat Com Youtubegallery 4.0.9
Joomlaboat Com Youtubegallery 4.0.8
Joomlaboat Com Youtubegallery 3.9.3
Joomlaboat Com Youtubegallery 4.1.4
Joomlaboat Com Youtubegallery 3.9.8
Joomlaboat Com Youtubegallery 3.9.5
Joomlaboat Com Youtubegallery 4.0.1
1 EDB exploit
NA
CVE-2013-2118
SPIP 3.0.x prior to 3.0.9, 2.1.x prior to 2.1.22, and 2.0.x prior to 2.0.23 allows remote malicious users to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
Spip Spip 3.0.3
Spip Spip 3.0.8
Spip Spip 3.0.4
Spip Spip 3.0.7
Spip Spip 3.0.5
Spip Spip 3.0.2
Spip Spip 3.0.0
Spip Spip 3.0.6
Spip Spip 3.0.1
Spip Spip 2.1.15
Spip Spip 2.1.8
Spip Spip 2.1.17
Spip Spip 2.1.4
Spip Spip 2.1.19
Spip Spip 2.1.2
Spip Spip 2.1.18
Spip Spip 2.1.5
Spip Spip 2.1.13
Spip Spip 2.1.16
Spip Spip 2.1.10
Spip Spip 2.1.7
Spip Spip 2.1.14
1 EDB exploit
NA
CVE-2011-0908
Open redirect vulnerability in Vanilla Forums prior to 2.0.17.6 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Target parameter to an unspecified component, a different vulnerability than CVE-2011-0526.
Vanillaforums Vanilla 2.0.16
Vanillaforums Vanilla 2.0.9
Vanillaforums Vanilla 2.0.10
Vanillaforums Vanilla 2.0.11
Vanillaforums Vanilla 2.0.12
Vanillaforums Vanilla 2.0.13
Vanillaforums Vanilla 2.0.14
Vanillaforums Vanilla 2.0.15
Vanillaforums Vanilla 2.0.17
Vanillaforums Vanilla 2.0.17.1
Vanillaforums Vanilla 2.0.17.2
Vanillaforums Vanilla 2.0.17.3
Vanillaforums Vanilla 2.0.17.4
Vanillaforums Vanilla
NA
CVE-2010-2694
SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the pid parameter to index.php.
Redcomponent Com Redshop 1.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »