Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lionturk vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-0976
Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might allow remote malicious users to restart the installation process and have unspecified other impact via requests to install.asp and other install_*.asp scripts. NOTE: the final instal...
Acidcat Acidcat Cms 3.5.1
Acidcat Acidcat Cms 3.5.0
Acidcat Acidcat Cms 3.5.3
Acidcat Acidcat Cms 3.5.2
1 EDB exploit
5
CVSSv2
CVE-2010-0978
KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/db.mdb.
Kmsoft Guestbook 1.0
1 EDB exploit
5
CVSSv2
CVE-2009-4585
UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for database/db.mdb.
Aspindir Uranyumsoft Listing Service
1 EDB exploit
5
CVSSv2
CVE-2009-4825
8pixel.net Blog 4 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for App_Data/sb.mdb.
8pixel Simple Blog 4.0
1 EDB exploit
7.8
CVSSv2
CVE-2007-3061
Cactushop 6 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for (1) cactushop6.mdb or (2) cactushop5.mdb.
Cactusoft Cactushop
1 EDB exploit
5
CVSSv2
CVE-2010-0984
Acidcat CMS 3.5.3 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for databases/acidcat_3.mdb.
Acidcat Acidcat Cms 3.4.0
Acidcat Acidcat Cms
Acidcat Acidcat Cms 2.1.13
Acidcat Acidcat Cms 2.1.12
Acidcat Acidcat Cms 3.5.2
Acidcat Acidcat Cms 3.5.1
Acidcat Acidcat Cms 3.5.0
Acidcat Acidcat Cms 2.1.11
Acidcat Acidcat Cms 3.3.5
Acidcat Acidcat Cms 3.4.2
Acidcat Acidcat Cms 3.4.1
1 EDB exploit
5
CVSSv2
CVE-2010-1064
Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/ajxgaleri.mdb.
Aspindir Erolife Ajxgaleri Vt
1 EDB exploit
7.5
CVSSv2
CVE-2010-0375
SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote malicious users to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Jce-tech Php Calendars Script
1 EDB exploit
5
CVSSv2
CVE-2010-0380
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote malicious users to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the ...
Jce-tech Php Calendars Script
1 EDB exploit
4.3
CVSSv2
CVE-2010-0376
Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, allows remote malicious users to inject arbitrary web script or HTML via the cat parameter. NOTE: this issue is reportedly resultant from a forced SQL error message that...
Jce-tech Php Calendars Script
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »