Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0kster vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5060
Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote malicious users to change arbitrary passwords via certain password_ and rpassword_ parameters, possibly related to timestamp values.
Xcms Xcms
1 EDB exploit
NA
CVE-2007-5052
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vigile CMS 1.8 allow remote malicious users to inject arbitrary web script or HTML via a request to the wiki module with (1) the title parameter or (2) a "title=" sequence in the PATH_INFO, or a request...
Itcms Vigile Cms 1.8
1 EDB exploit
NA
CVE-2007-6575
SQL injection vulnerability in default.php in MMSLamp allows remote malicious users to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action.
Brand039 Mmslamp 1.0
1 EDB exploit
NA
CVE-2007-6652
cpie.php in XCMS 1.83 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which w...
Xcms Xcms
1 EDB exploit
NA
CVE-2007-6664
SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the m parameter.
Webportal Webportal Cms
1 EDB exploit
NA
CVE-2007-6667
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
Myphp Myphp Forum
Myphp Myphp Forum 2.0
Myphp Myphp Forum 1.0
1 EDB exploit
NA
CVE-2008-0133
Multiple SQL injection vulnerabilities in Tribisur 2.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to cat_main.php and the (2) cat parameter to forum.php in a liste action.
Thomas Perez Tribisur
1 EDB exploit
NA
CVE-2007-6586
SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote malicious users to execute arbitrary SQL commands via the id parameter in a sezione page action to index.php.
Niclor Niclor 16 04 06
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started