Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
Toughtomato Com Ttvideo 1.0
1 EDB exploit
755
VMScore
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
685
VMScore
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
755
VMScore
CVE-2010-4983
SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Iscripts Cybermatch 1.0
1 EDB exploit
755
VMScore
CVE-2010-4795
SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the ev_id parameter in a details action to index.php. NOTE: some of these details are obtained from third part...
Joomlaseller Com Jscalendar 1.5.1
Joomlaseller Com Jscalendar 1.5.4
1 EDB exploit
755
VMScore
CVE-2010-4865
SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the d_itemid parameter in an item_detail action to index.php.
Harmistechnology Com Jeguestbook 1.0
1 EDB exploit
755
VMScore
CVE-2009-3665
Multiple SQL injection vulnerabilities in index.php in Nullam Blog 0.1.2 allow remote malicious users to execute arbitrary SQL commands via the (1) i parameter or (2) v parameters in a register action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
435
VMScore
CVE-2009-3666
Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.
Nullam Nullam Blog 0.1.2
1 EDB exploit
755
VMScore
CVE-2011-0511
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomtraders Com Allcinevid 1.0.0
1 EDB exploit
755
VMScore
CVE-2009-1263
SQL injection vulnerability in sub_commententry.php in the BookJoomlas (com_bookjoomlas) component 0.1 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the gbid parameter in a comment action to index.php.
Alikonweb Com Bookjoomlas 0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »