Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
securitylab.ir vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1446
Unrestricted file upload vulnerability in upload.php in Elkagroup Image Gallery 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in gallery/pictures/. NOTE: some of...
Elkagroup Image Gallery 1.0
1 EDB exploit
NA
CVE-2009-1622
SQL injection vulnerability in user.php in EcShop 2.5.0 allows remote malicious users to execute arbitrary SQL commands via the order_sn parameter in an order_query action.
Ecshop Ecshop 2.5.0
1 EDB exploit
NA
CVE-2009-1764
SQL injection vulnerability in inc/ajax.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter in a digg action.
Bokecc Maxcms 2.0
1 EDB exploit
NA
CVE-2009-1818
SQL injection vulnerability in admin/admin_manager.asp in MaxCMS 2.0 allows remote malicious users to execute arbitrary SQL commands via an m_username cookie in an add action.
Maxcms Maxcms 2.0
1 EDB exploit
NA
CVE-2009-2238
Unrestricted file upload vulnerability in includes/shared_scripts/wysiwyg_editor/assetmanager/assetmanager.asp in DMXReady Registration Manager 1.1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a di...
Dmxready Registration Manager 1.1
1 EDB exploit
NA
CVE-2009-4470
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the groupboardid parameter.
Dvbbs Dvbbs 2.0
1 EDB exploit
NA
CVE-2009-2915
SQL injection vulnerability in 2fly_gift.php in 2FLY Gift Delivery System 6.0 allows remote malicious users to execute arbitrary SQL commands via the gameid parameter in a content action.
2fly Gift Delivery System 6.0
1 EDB exploit
NA
CVE-2009-3124
Directory traversal vulnerability in get_message.cgi in QuarkMail allows remote malicious users to read arbitrary files via a .. (dot dot) in the tf parameter.
Ipmotor Quarkmail -
1 EDB exploit
NA
CVE-2009-3173
Unrestricted file upload vulnerability in admin/add_album.php in The Rat CMS Alpha 2 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
Theratstudios The Rat Cms 2
1 EDB exploit
NA
CVE-2009-4665
Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Cutesoft Components Cute Editor For Asp.net
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »