Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5065
TlGuestBook 1.2 allows remote malicious users to bypass authentication and gain administrative access by setting the tlGuestBook_login cookie to admin.
Easy-script Tlguesbook 1.2
1 EDB exploit
NA
CVE-2008-6861
Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote malicious users to bypass authentication and gain administrative access by setting a cookie to a certain value.
Xigla Absolute Newsletter 6.0
Xigla Absolute Newsletter 6.1
1 EDB exploit
NA
CVE-2008-6307
E-topbiz Link Back Checker 1 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "admin."
E-topbiz Link Back Checker 1
1 EDB exploit
NA
CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote malicious users to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Phpaddedit Phpaddedit 1.3
1 EDB exploit
NA
CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter...
China-on-site Flexphplink 0.0.7
China-on-site Flexphplink 0.0.6
1 EDB exploit
NA
CVE-2008-6749
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPDirectory 0.0.1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) checkuser and (2) checkpass parameters.
China-on-site Flexphpdirectory 0.0.1
1 EDB exploit
NA
CVE-2008-5880
admin/auth.php in Gobbl CMS 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "ok".
Gobbl Gobbl Cms 1.0
1 EDB exploit
NA
CVE-2009-0722
Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.
Potato-scripts Potato News 1.0.0
1 EDB exploit
NA
CVE-2009-0738
SQL injection vulnerability in login.php in Auth Php 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) username and (2) passwd parameters.
Frankmancuso Auth Php 1.0
1 EDB exploit
NA
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »