Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4726
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Olivier Michaud Pierre-yves Quickdev4php
1 EDB exploit
NA
CVE-2009-4732
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the tt_name parameter. NOTE: some of these details are obtained from third party information.
Technotoad Tt Web Site Manager 0.5
1 EDB exploit
NA
CVE-2009-4733
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
Supercrackmunkey Simpleloginsys 0.5
1 EDB exploit
NA
CVE-2009-4722
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Limny Limny 1.01
1 EDB exploit
NA
CVE-2009-4209
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in an editsite action, different vectors than CVE-2008-6127 and CVE-2009-1367.
Mozilo Mozilocms 1.11.1
1 EDB exploit
NA
CVE-2009-3716
Unrestricted file upload vulnerability in admin.php in MCshoutbox 1.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in smilies/.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-3714
Cross-site scripting (XSS) vulnerability in admin_login.php in MCshoutbox 1.1 allows remote malicious users to inject arbitrary web script or HTML via the loginerror parameter.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-3715
Multiple SQL injection vulnerabilities in scr_login.php in MCshoutbox 1.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Maniacomputer Mcshoutbox 1.1
1 EDB exploit
NA
CVE-2009-3596
JoxTechnology Ajox Poll does not properly restrict access to admin/managepoll.php, which allows remote malicious users to bypass authentication and gain administrative access via a direct request.
Joxtechnology Ajox Poll
1 EDB exploit
NA
CVE-2009-3506
Multiple cross-site scripting (XSS) vulnerabilities in CMSphp 0.21 allow remote malicious users to inject arbitrary web script or HTML via the (1) cook_user parameter to index.php and the (2) name parameter to modules.php.
Jean-michel Wyttenbach Cmsphp 0.21
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »