Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-6010
Multiple directory traversal vulnerabilities in SG Real Estate Portal 2.0 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) mod, (2) page, or (3) lang parameter to index.php; or the (4) action or (5) folder parameter in a security request to admin...
Sg Real Estate Portal Sg Real Estate Portal 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-3158
admin/files.php in simplePHPWeb 0.2 does not require authentication, which allows remote malicious users to perform unspecified administrative actions via unknown vectors. NOTE: some of these details are obtained from third party information.
Carsten Wulff Simplephpweb 0.2
1 EDB exploit
5
CVSSv2
CVE-2009-2151
Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the newlang parameter.
Adaptweb Adaptweb 0.9.2
1 EDB exploit
4.3
CVSSv2
CVE-2009-2153
Cross-site scripting (XSS) vulnerability in index.php in Impleo Music Collection 2.0 allows remote malicious users to inject arbitrary web script or HTML via the sort parameter.
Sappy.dk Impleo Music Collection 2.0
1 EDB exploit
6.8
CVSSv2
CVE-2009-2154
SQL injection vulnerability in admin/login.php in Impleo Music Collection 2.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Sappy.dk Impleo Music Collection 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-2263
Directory traversal vulnerability in index.php in Awesome PHP Mega File Manager 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by ...
Awesomephp Mega File Manager 1.0
1 EDB exploit
5
CVSSv2
CVE-2008-7006
Free PHP VX Guestbook 1.06 allows remote malicious users to bypass authentication and download a backup of the database via a direct request to admin/backupdb.php.
Phpversion Php Vx Guestbook 1.06
1 EDB exploit
6.8
CVSSv2
CVE-2009-2735
SQL injection vulnerability in admin.php in sun-jester OpenNews 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Sun-jester Opennews 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-2096
SQL injection vulnerability in house/listing_view.php in phpCollegeExchange 0.1.5c allows remote malicious users to execute arbitrary SQL commands via the itemnr parameter.
David Degner Phpcollegeexchange 0.1.5c
1 EDB exploit
10
CVSSv2
CVE-2009-2111
Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote malicious users to inject arbitrary PHP code via a crafted (1) url and (2) location parameter.
Jnmsolutions Db Top Sites 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »