Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sirgod vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2009-4978
Directory traversal vulnerability in down.php in MyBackup 1.4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter.
Tufat Mybackup 1.4.0
1 EDB exploit
515
VMScore
CVE-2009-0570
Directory traversal vulnerability in send.php in Ninja Designs Mailist 3.0, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the load parameter. NOTE: some of these ...
Ninjadesigns Mailist 3.0
1 EDB exploit
515
VMScore
CVE-2009-0735
Directory traversal vulnerability in lib/classes/message_class.php in Papoo CMS 3.6, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to read and possibly execute arbitrary files via a .. (dot dot) in the pfadhier parameter. NOTE: s...
Papoo Papoo 3.6
1 EDB exploit
605
VMScore
CVE-2008-6725
Multiple SQL injection vulnerabilities in CMScout 2.06 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) index.php in a mythings page (mythings.php) and (2) the users page in admin.php.
Cmscout Cmscout 2.06
1 EDB exploit
605
VMScore
CVE-2008-6905
Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page.
Babbleboard Babbleboard 1.1.6
1 EDB exploit
505
VMScore
CVE-2008-7056
BandSite CMS 1.1.4 does not perform access control for adminpanel/phpmydump.php, which allows remote malicious users to obtain copies of the database via a direct request.
Grayscalecms Bandsite Cms 1.1.4
1 EDB exploit
755
VMScore
CVE-2008-3593
Directory traversal vulnerability in index.php in SyzygyCMS 0.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Syzygycms Syzygycms 0.3
1 EDB exploit
505
VMScore
CVE-2009-0571
admin.php in Ninja Designs Mailist 3.0 stores backup copies of maillist.php under the web root with insufficient access control, which allows remote malicious users to obtain sensitive information via a direct request to the backup directory.
Ninjadesigns Mailist 3.0
1 EDB exploit
1000
VMScore
CVE-2008-4526
Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php, (2) forums.php, (3) admin.php, (4) header.php, (5) pages/story.php and (6) pages/poll.php.
Customcms Ccms 3.1
1 EDB exploit
685
VMScore
CVE-2009-1952
Multiple SQL injection vulnerabilities in the administrative login feature in PropertyMax Pro FREE 0.3, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Propertymaxpro Propertymax Pro Free 0.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »