Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
website vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3525
Ripe Website Manager 0.8.9 and previous versions allows remote malicious users to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely ...
Ripe Website Manager Ripe Website Manager
NA
CVE-2007-3524
Multiple PHP remote file inclusion vulnerabilities in Ripe Website Manager 0.8.9 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the level parameter to (1) admin/includes/author_panel_header.php or (2) admin/includes/admin_header.php.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
9.8
CVSSv3
CVE-2018-17840
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter.
Education Website Project Education Website 1.0
NA
CVE-2007-2206
Cross-site scripting (XSS) vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a leading "<"<" in the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
NA
CVE-2007-2207
SQL injection vulnerability in contact/index.php in Ripe Website Manager 0.8.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the ripeformpost parameter.
Ripe Website Manager Ripe Website Manager
1 EDB exploit
6.1
CVSSv3
CVE-2022-45990
A cross-site scripting (XSS) vulnerability in the component /signup_script.php of Ecommerce-Website v1.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the eMail parameter.
Ecommerce-website Project Ecommerce-website 1.0
6.1
CVSSv3
CVE-2022-2725
A vulnerability was found in SourceCodester Company Website CMS. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add-blog.php. The manipulation leads to cross site scripting. The attack may be launched remotely. VDB-205838 is the...
Company Website Cms Project Company Website Cms -
9.8
CVSSv3
CVE-2022-2740
A vulnerability was found in SourceCodester Company Website CMS. It has been declared as critical. This vulnerability affects unknown code of the file /dashboard/add-blog.php of the component Add Blog. The manipulation of the argument ufile leads to unrestricted upload. The attac...
Company Website Cms Project Company Website Cms -
9.8
CVSSv3
CVE-2022-2750
A vulnerability, which was classified as critical, was found in SourceCodester Company Website CMS. Affected is an unknown function of the file /dashboard/add-service.php of the component Add Service Handler. The manipulation leads to unrestricted upload. It is possible to launch...
Company Website Cms Project Company Website Cms -
9.8
CVSSv3
CVE-2017-15992
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
Website Broker Script Project Website Broker Script -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »