Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
6.8
CVSSv2
CVE-2010-4517
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the char parameter in an item action to index.php.
Harmistechnology Com Jeauto 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
5.1
CVSSv2
CVE-2009-1222
Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and previous versions, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter.
Webedition Webedition 6.0.0.4
1 EDB exploit
7.5
CVSSv2
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third p...
Anoochit Chalothorn Tiny Blogr 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1480
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote malicious users to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
Pragyan Cms Project Pragyan Cms 2.6.4
1 EDB exploit
6.8
CVSSv2
CVE-2010-4638
SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks4s) component 1.0.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the q parameter in a submitSurvey action to ...
Iptechinside Com Jquarks4s 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4795
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third part...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
7.5
CVSSv2
CVE-2010-4865
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
Harmistechnology Com Jeguestbook 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »