Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-4346
Directory traversal vulnerability in TalkBack 2.3.6 and 2.3.6.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to comments.php, a different vector than CVE-2008-3371.
Talkback Talkback 2.3.6
Talkback Talkback 2.3.6.4
1 EDB exploit
1000
VMScore
CVE-2009-1916
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the ns parameter.
Gscripts Dns Tools
1 EDB exploit
435
VMScore
CVE-2009-1951
Cross-site scripting (XSS) vulnerability in index.php in PropertyMax Pro FREE 0.3 allows remote malicious users to inject arbitrary web script or HTML via the pl parameter in a mi action.
Propertymaxpro Propertymax Pro Free 0.3
1 EDB exploit
605
VMScore
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
605
VMScore
CVE-2008-6905
Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
505
VMScore
CVE-2009-0571
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request to the backup directory.
Ninjadesigns Mailist 3.0
1 EDB exploit
515
VMScore
CVE-2009-0735
Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: s...
Papoo Papoo 3.6
1 EDB exploit
755
VMScore
CVE-2008-3593
Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Syzygycms Syzygycms 0.3
1 EDB exploit
435
VMScore
CVE-2008-3924
The "Make a backup" functionality in Content Management Made Easy (CMME) 1.12 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to discover (1) account names and (2) password hashes via a direct request...
Hans Oesterholt Cmme 1.12
1 EDB exploit
585
VMScore
CVE-2008-3926
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the...
Hans Oesterholt Cmme 1.12
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »