Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sweet vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2006-7052
Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote malicious users to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and the (2) admin_header_...
Keith Reichley Dotwidget For Articles 0.2
7 EDB exploits
7.5
CVSSv2
CVE-2010-3212
SQL injection vulnerability in index.php in Seagull 0.6.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO.
Seagullproject.org Seagull
Seagullproject.org Seagull 0.6.0
Seagullproject.org Seagull 0.6.4
Seagullproject.org Seagull 0.6.3
Seagullproject.org Seagull 0.4.6
Seagullproject.org Seagull 0.6.2
Seagullproject.org Seagull 0.6.1
Seagullproject.org Seagull 0.6.6
Seagullproject.org Seagull 0.6.5
Seagullproject.org Seagull 0.4.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-4862
Multiple SQL injection vulnerabilities in Alwasel 1.5 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) show.php and (2) xml.php.
Abushhab Alwasel 1.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-2788
Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote malicious users to execute arbitrary SQL commands via the (1) adminName parameter to cp/auth.php, (2) cid parameter to artcat.php, and (3) catid parameter to show.php.
Mobilelib Mobilelib Gold 3
1 EDB exploit
7.5
CVSSv2
CVE-2008-5841
Multiple SQL injection vulnerabilities in iGaming 1.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the browse parameter to (1) previews.php and (2) reviews.php, and the (3) id parameter to index.php in a viewarticle action.
Igamingcms Igaming Cms 1.3.1
Igamingcms Igaming Cms 1.4.2
Igamingcms Igaming Cms
2 EDB exploits
7.5
CVSSv2
CVE-2006-3175
Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects...
Mcguestbook Mcguestbook 1.3
3 EDB exploits
6.8
CVSSv2
CVE-2010-2340
SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the by parameter in the msearch action.
Arabportal Arab Portal 2.2
1 EDB exploit
6.8
CVSSv2
CVE-2009-3219
Directory traversal vulnerability in a.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the a parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-3218
SQL injection vulnerability in control/login.php in AR Web Content Manager (AWCM) 2.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
The-ghost Ar Web Content Manager 2.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-3211
Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI.
Dimofinf Infinity Script 2.0.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »