Vulmon
stefan schurtz vulnerabilities and exploits
7.5
CVSSv2
CVE-2012-6520
Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote malicious users to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. NOTE: this issue could not be reproduced by third parties.
Wikidforum Wikidforum 2.10
1 EDB exploit
7.5
CVSSv2
CVE-2011-5230
Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/application/models/LoginModel.php in Seotoaster 1.9 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) login parameter to sys/login/inde...
Seotoaster Seotoaster 1.8.2
Seotoaster Seotoaster
Seotoaster Seotoaster 1.8.3
1 EDB exploit
7.5
CVSSv2
CVE-2012-1911
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter to vcard.php. NOTE: the edit.php vector is already covered by CVE...
Chatelao Php Address Book 6.2.9
Chatelao Php Address Book 6.2.7
Chatelao Php Address Book 6.2
Chatelao Php Address Book 6.1.4
Chatelao Php Address Book 5.7.3
Chatelao Php Address Book 5.8.1
Chatelao Php Address Book 5.7.5
Chatelao Php Address Book 5.4.4
Chatelao Php Address Book 5.4.3
Chatelao Php Address Book 5.0
Chatelao Php Address Book 5.4.2
Chatelao Php Address Book 4.0.2
Chatelao Php Address Book 3.2.6
Chatelao Php Address Book 3.2.13
Chatelao Php Address Book 3.1.5
Chatelao Php Address Book 3.2.5
Chatelao Php Address Book 3.3.8
Chatelao Php Address Book 3.3
Chatelao Php Address Book 3.2.14
Chatelao Php Address Book 3.4.7
Chatelao Php Address Book 3.4.8
Chatelao Php Address Book 3.4.3
1 EDB exploit
7.5
CVSSv2
CVE-2012-2332
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity prior to 1.6.1 allows remote malicious users to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. NOTE: this issue might be resultant from cross-site request forgery (CSRF)...
S9y Serendipity 0.8.4
S9y Serendipity 0.9.1
S9y Serendipity 1.1.1
S9y Serendipity 0.7.1
S9y Serendipity 1.5.4
S9y Serendipity 1.5.3
S9y Serendipity 0.4
S9y Serendipity 1.1
S9y Serendipity 1.2.1
S9y Serendipity 1.2
S9y Serendipity 0.7
S9y Serendipity 1.0.4
S9y Serendipity 1.3
S9y Serendipity 1.1.2
S9y Serendipity 1.0
S9y Serendipity 1.5.1
S9y Serendipity 1.4.1
S9y Serendipity
S9y Serendipity 0.9
S9y Serendipity 0.8
S9y Serendipity 0.8.1
S9y Serendipity 1.6.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-4597
Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a users details action, and allow remote malicious users to execute arbitrary SQL commands via the (2) user...
Phpwares Php Inventory 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-2565
Multiple SQL injection vulnerabilities in PHP Address Book 3.1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) view.php and (2) edit.php. NOTE: it was later reported that 4.0.x is also affected.
Php-address Book Php-address Book 3.1.2
Php-address Book Php-address Book 3.1.1
Php-address Book Php-address Book 2.1.1
Php-address Book Php-address Book 2.1
Php-address Book Php-address Book 2.0
Php-address Book Php-address Book 3.4.4
Php-address Book Php-address Book 3.4.3
Php-address Book Php-address Book
Php-address Book Php-address Book 3.1.5
Php-address Book Php-address Book 2.6
Php-address Book Php-address Book 2.4
Php-address Book Php-address Book 3.4.8
Php-address Book Php-address Book 3.4.7
Php-address Book Php-address Book 3.4
Php-address Book Php-address Book 3.3.18
Php-address Book Php-address Book 3.1
Php-address Book Php-address Book 3.0
Php-address Book Php-address Book 1.2
Php-address Book Php-address Book 1.0
Php-address Book Php-address Book 3.4.2
Php-address Book Php-address Book 3.4.1
Php-address Book Php-address Book 3.1.4
3 EDB exploits
6.5
CVSSv2
CVE-2012-3834
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands via the time[0][0] parameter.
Alienvault Open Source Security Information Management 3.1
2 EDB exploits
6
CVSSv2
CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Phpwares Php Inventory 1.2
1 EDB exploit
5.5
CVSSv2
CVE-2011-4717
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
Zftpserver Zftpserver Suite 6.0.0.52
1 EDB exploit
5
CVSSv2
CVE-2011-4713
Directory traversal vulnerability in catalog/content.php in osCSS2 2.1.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the _ID parameter to (1) catalog/shopping_cart.php or (2) catalog/content.php.
Oscss Oscss
Oscss Oscss 1.1
Oscss Oscss 2.10
Oscss Oscss 1.2.2
Oscss Oscss 1.0
1 EDB exploit