Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-3925
Cross-site request forgery (CSRF) vulnerability in admin.php in Content Management Made Easy (CMME) 1.12 allows remote malicious users to trigger the logout of an administrative user via a logout action.
Hans Oesterholt Cmme 1.12
1 EDB exploit
5.8
CVSSv2
CVE-2008-3926
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the...
Hans Oesterholt Cmme 1.12
1 EDB exploit
6.4
CVSSv2
CVE-2009-0383
delete.php in Max.Blog 1.0.6 does not properly restrict access, which allows remote malicious users to delete arbitrary blog posts via a direct request.
Mzbservices Max.blog 1.0.6
1 EDB exploit
6.8
CVSSv2
CVE-2008-4075
Directory traversal vulnerability in index.php in D-iscussion Board 3.01 allows remote malicious users to read arbitrary files via a .. (dot dot) in the topic parameter.
Dino D-iscussion Board 3.01
1 EDB exploit
7.8
CVSSv2
CVE-2008-4155
Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote malicious users to read arbitrary files or list directories via a .. (dot dot) in the (1) module or (2) action parameter in (a) www/index.php; the (3) module, (4) ss_module, or (5) ss_action parameter in (b...
Easybrik Easysite 2.3
1 EDB exploit
6.8
CVSSv2
CVE-2008-4158
Multiple directory traversal vulnerabilities in index.php in Zanfi CMS lite 1.2 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) flag and (2) inc parameters.
Zanfi Solutions Zanfi Cms Lite 1.2
1 EDB exploit
6.8
CVSSv2
CVE-2009-2129
Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote malicious users to hijack the authentication of arbitrary users via a logout action.
Elvinbts Elvinbts 1.2.0
1 EDB exploit
5
CVSSv2
CVE-2008-4115
TalkBack 2.3.6 allows remote malicious users to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function.
Talkback Talkback 2.3.6
1 EDB exploit
6.5
CVSSv2
CVE-2008-4175
Multiple SQL injection vulnerabilities in Link Bid Script 1.5 allow remote malicious users to execute arbitrary SQL commands via the (1) ucat parameter to upgrade.php and the (2) id parameter to linkadmin/edit.php.
Linkbidscript Linkbidscript 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-1247
SQL injection vulnerability in login.php in Acute Control Panel 1.0.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Acutecp.rediscussed Acutecp 1.0.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »