Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
1000
VMScore
CVE-2008-4486
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and previous versions, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
Yerba Yerba
Yerba Yerba 6.28
2 EDB exploits
940
VMScore
CVE-2008-6734
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Keller Web Admin Kwa 0.94
2 EDB exploits
785
VMScore
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote malicious users to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
760
VMScore
CVE-2008-6795
SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote malicious users to execute arbitrary SQL commands via the nID parameter.
Niclor Vibro-school-cms
2 EDB exploits
760
VMScore
CVE-2008-5841
Multiple SQL injection vulnerabilities in iGaming 1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
Igamingcms Igaming Cms 1.3.1
Igamingcms Igaming Cms 1.4.2
Igamingcms Igaming Cms
2 EDB exploits
760
VMScore
CVE-2008-4203
SQL injection vulnerability in cn_users.php in CzarNews 1.20 and previous versions allows remote malicious users to execute arbitrary SQL commands via a recook cookie.
Czaries Czarnews 1.12
Czaries Czarnews
Czaries Czarnews 1.13
Czaries Czarnews 1.14
2 EDB exploits
760
VMScore
CVE-2007-6586
SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.
Niclor Niclor 16 04 06
2 EDB exploits
755
VMScore
CVE-2009-4106
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and previous versions allows remote malicious users to inject and execute arbitrary PHP code via the filename and text parameters.
Ohloh Agoko Cms
1 EDB exploit
755
VMScore
CVE-2008-7069
All Club CMS (ACCMS) 0.0.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database configuration information, including credentials, via a direct request to accms.dat.
Paul Arbogast Accms 0.0.1c
Paul Arbogast Accms 0.0.1a
Paul Arbogast Accms
Paul Arbogast Accms 0.0.1h
Paul Arbogast Accms 0.0.1f
Paul Arbogast Accms 0.0.1g
Paul Arbogast Accms 0.0.1d
Paul Arbogast Accms 0.0.1e
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »