Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirdarckcat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3963
Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote malicious users to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7)...
Banex Banex 2.21
2 EDB exploits
NA
CVE-2006-4607
admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote malicious users to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1.
Longino Jacome Php-revista 1.1.2
1 EDB exploit
NA
CVE-2006-4608
Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.
Longino Jacome Php-revista 1.1.2
1 EDB exploit
NA
CVE-2006-3959
SQL injection vulnerability in protect.php in X-Scripts X-Protection 1.10, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameter.
X-scripts X-statistics 1.10
1 EDB exploit
NA
CVE-2006-3964
PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg_root parameter.
Banex Banex 2.21
1 EDB exploit
NA
CVE-2006-4102
PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin 0.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the conf[classpath] parameter.
Falko Timme And Till Brehm Sqlitewebadmin
1 EDB exploit
NA
CVE-2006-4599
SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote malicious users to execute arbitrary SQL commands via the user parameter.
Autentificator Autentificator 2.01
1 EDB exploit
NA
CVE-2006-3960
SQL injection vulnerability in top.php in X-Scripts X-Poll, probably 2.30, allows remote malicious users to execute arbitrary SQL commands via the poll parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
X-scripts X-poll 2.30
1 EDB exploit
NA
CVE-2006-3972
Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote malicious users to read arbitrary files via a .. (dot dot) in the chatid parameter.
Scott Weedon Ajax Chat 0.1
1 EDB exploit
NA
CVE-2006-4605
PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote malicious users to execute arbitrary PHP code via the adodb parameter.
Longino Jacome Php-revista 1.1.2
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »