Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
Toughtomato Com Ttvideo 1.0
1 EDB exploit
NA
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
NA
CVE-2010-4795
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third part...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
NA
CVE-2010-4865
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
Harmistechnology Com Jeguestbook 1.0
1 EDB exploit
NA
CVE-2009-3665
Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
NA
CVE-2011-0511
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomtraders Com Allcinevid 1.0.0
1 EDB exploit
NA
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »