Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-5000
SQL injection vulnerability in admin/includes/news.inc.php in PHPX 3.5.16, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via uppercase characters in the news_id parameter.
Phpx Phpx 3.5.16
1 EDB exploit
4.3
CVSSv2
CVE-2008-4888
Cross-site scripting (XSS) vulnerability in error.php in NetRisk 2.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the error parameter to index.php. NOTE: some of these details are obtained from third party information.
Netrisk Netrisk 1.9.7
Netrisk Netrisk
1 EDB exploit
6.8
CVSSv2
CVE-2009-1936
_functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PH...
Cpcommerce Project Cpcommerce
1 EDB exploit
6.8
CVSSv2
CVE-2009-2177
code/display.php in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a ...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
7.5
CVSSv2
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the user.
Jeremy Powers Lizardware Cms
Jeremy Powers Lizardware Cms 0.6.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-6907
Multiple SQL injection vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters, as accessible from a form generated b...
2532gigs 2532gigs 1.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6952
SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the c parameter.
Cms.maury91 Maurycms 0.53.2
1 EDB exploit
6.8
CVSSv2
CVE-2009-1259
SQL injection vulnerability in inc/bb/topic.php in Insane Visions AdaptBB 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the topic_id parameter in a topic action to index.php.
Insanevisions Adaptbb 1.0
1 EDB exploit
5.1
CVSSv2
CVE-2009-1409
SQL injection vulnerability in usersettings.php in e107 0.7.15 and previous versions, when "Extended User Fields" is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the hide parameter, a different vector than...
E107 E107 0.7.11
E107 E107 0.7.13
E107 E107 0.553 Beta
E107 E107 0.549 Beta
E107 E107 0.551 Beta
E107 E107 0.6 12
E107 E107 0.6 11
E107 E107 0.603
E107 E107 0.602
E107 E107 0.609
E107 E107 0.610
E107 E107 0.616
E107 E107 0.617
E107 E107 0.7
E107 E107 0.7.3
E107 E107 5.05
E107 E107 5.04
E107 E107 5.3 Beta2
E107 E107 5.4 Beta1
E107 E107 0.7.10
E107 E107 0.554
E107 E107 0.6 15a
1 EDB exploit
4.3
CVSSv2
CVE-2008-5323
Cross-site scripting (XSS) vulnerability in index.php in Wysi Wiki Wyg 1.0 allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »