Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

x0r vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-5065
TlGuestBook 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
Easy-script Tlguesbook 1.2
NA
CVE-2008-6861
Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote malicious users to bypass authentication and gain administrative access by setting a cookie to a certain value.
Xigla Absolute Newsletter 6.0Xigla Absolute Newsletter 6.1
NA
CVE-2008-6307
E-topbiz Link Back Checker 1 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "admin."
E-topbiz Link Back Checker 1
NA
CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote malicious users to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Phpaddedit Phpaddedit 1.3
NA
CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter...
China-on-site Flexphplink 0.0.7China-on-site Flexphplink 0.0.6
NA
CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.
China-on-site Flexphpdirectory 0.0.1
NA
CVE-2008-5880
admin/auth.php in Gobbl CMS 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "ok".
Gobbl Gobbl Cms 1.0
NA
CVE-2009-0722
Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.
Potato-scripts Potato News 1.0.0
NA
CVE-2009-0738
SQL injection vulnerability in login.php in Auth Php 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Auth Php 1.0
NA
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook