Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
luny vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-3366
Multiple cross-site scripting (XSS) vulnerabilities in V3 Chat allow remote malicious users to inject arbitrary web script or HTML via crafted HTML tags, as demonstrated by the IMG tag, in the (1) id parameter in (a) mail/index.php and (b) mail/reply.php; (2) login_id parameter i...
V3 Chat V3 Chat Beta
7 EDB exploits
2.6
CVSSv2
CVE-2006-3061
Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote malicious users to inject arbitrary web script or HTML via the (1) sort parameter in index2.php, (2) item_id parameter in report.php, (3) search_term parameter (aka the "search box") in se...
Review-script.com Five Star Review Script
2 EDB exploits
4.3
CVSSv2
CVE-2006-2986
Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) tit...
Baby Katie Media Very Simple Car Lister 1.0
Baby Katie Media Very Simple Realty Lister 1.0
2 EDB exploits
4.3
CVSSv2
CVE-2006-3006
Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions prior to 0.50, allows remote malicious users to inject arbitrary HTML or web script via a base64-encoded file parameter.
Ifoto Ifoto 0.20
1 EDB exploit
2.6
CVSSv2
CVE-2006-3680
Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote malicious users to inject arbitrary web script or HTML via the phpage parameter.
Photocycle Photocycle 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2006-3052
Cross-site scripting (XSS) vulnerability in Event Registration allows remote malicious users to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. NOTE: the provenance of this info...
Cescripts Event Registration Paypal
Cescripts Event Registration 2checkout
Cescripts Event Registration Rsvp 1.0
Cescripts Event Registration Corporate
1 EDB exploit
4.3
CVSSv2
CVE-2006-2883
Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Kke Info Media Kmita Faq 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-2884
SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote malicious users to execute arbitrary SQL commands via the catid parameter.
Kke Info Media Kmita Faq 1.0
1 EDB exploit
6
CVSSv2
CVE-2006-6995
mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.
V3 Chat V3chat Instant Messenger
1 EDB exploit
7.5
CVSSv2
CVE-2006-7005
SQL injection vulnerability in item.php in PSY Auction allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Php Script Tools Psy Auction
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »