Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-3423
login.php in Zenas PaoLink 1.0, when register_globals is enabled, allows remote malicious users to bypass authentication and gain administrative access by setting the login_ok parameter to 1.
Zenas Paolink 1.0
1 EDB exploit
755
VMScore
CVE-2009-4723
Directory traversal vulnerability in confirm.php in Netpet CMS 1.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Netpet Netpet Cms 1.9
1 EDB exploit
505
VMScore
CVE-2009-4726
Directory traversal vulnerability in download.php in Quickdev 4 PHP allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Olivier Michaud Pierre-yves Quickdev4php
1 EDB exploit
685
VMScore
CVE-2009-4733
SQL injection vulnerability in checkuser.php in SimpleLoginSys 0.5, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information.
Supercrackmunkey Simpleloginsys 0.5
1 EDB exploit
935
VMScore
CVE-2009-4759
Buffer overflow in BrotherSoft BMXPlay 0.4.4b allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .BMX file.
Joric Bmxplay 0.4.4b
1 EDB exploit
605
VMScore
CVE-2009-4793
Unrestricted file upload vulnerability in adminpanel/scripts/addphotos.php in BandSite CMS 1.1.4 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension via an addphotos action to adminpanel/index.php, and then acc...
Karl Core Bandsite Cms 1.1.4
1 EDB exploit
655
VMScore
CVE-2009-4977
PHP remote file inclusion vulnerability in index.php in MyBackup 1.4.0 allows remote authenticated users to execute arbitrary PHP code via a URL in the main_content parameter.
Tufat Mybackup 1.4.0
1 EDB exploit
605
VMScore
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
605
VMScore
CVE-2008-6726
Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-34...
Cmscout Cmscout 2.06
1 EDB exploit
505
VMScore
CVE-2008-6126
Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589.
Mozilo Mozilocms 1.9.1
Mozilo Mozilocms 1.9
Mozilo Mozilocms 1.4
Mozilo Mozilocms 1.3.1
Mozilo Mozilocms
Mozilo Mozilocms 1.10
Mozilo Mozilocms 1.6.2
Mozilo Mozilocms 1.6.1
Mozilo Mozilocms 1.1.1
Mozilo Mozilocms 1.1
Mozilo Mozilocms 1.0
Mozilo Mozilocms 1.9.3
Mozilo Mozilocms 1.9.2
Mozilo Mozilocms 1.6
Mozilo Mozilocms 1.5
Mozilo Mozilocms 1.10.1
Mozilo Mozilocms 1.8
Mozilo Mozilocms 1.7
Mozilo Mozilocms 1.3
Mozilo Mozilocms 1.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »