Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s.w.a.t. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7301
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sclek Jsite 1.0
1 EDB exploit
NA
CVE-2008-6900
Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th...
Availscript Availscript Article Script
1 EDB exploit
NA
CVE-2008-6751
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settin...
Revou Tclone
1 EDB exploit
7.5
CVSSv3
CVE-2008-6157
SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows context-dependent malicious users to obtain sensitive information.
Sepcity Classified Ads -
1 EDB exploit
NA
CVE-2008-6150
SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Sepcity Classified Ads -
1 EDB exploit
NA
CVE-2008-6142
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPic 0.0.4 and FlexPHPic Pro 0.0.3, and other 0.0.x versions, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter ...
China-on-site Flexphpic 0.0.3
China-on-site Flexphpic 0.0.4
1 EDB exploit
NA
CVE-2008-4709
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Pilot Group Etraining
1 EDB exploit
NA
CVE-2008-3749
SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Banner Management Script
1 EDB exploit
NA
CVE-2008-3317
admin/index.php in Maian Search 1.1 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
Maian Script World Maian Search 1.0
Maian Script World Maian Search
1 EDB exploit
NA
CVE-2008-3318
admin/index.php in Maian Weblog 4.0 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary weblog_cookie cookie.
Maian Weblog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »