Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4807
Multiple SQL injection vulnerabilities in Graugon PHP Article Publisher 1.0 allow remote malicious users to execute arbitrary SQL commands via the (1) c parameter to index.php and the (2) id parameter to view.php.
Graugon Php Article Publisher 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4808
admin.php in Graugon PHP Article Publisher 1.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the g_admin cookie to 1.
Graugon Php Article Publisher 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-7003
Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote malicious users to execute arbitrary SQL commands via the (1) user_id and (2) password parameter.
The-rat-cms The-rat-cms Alpha2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6861
Xigla Software Absolute Newsletter 6.0 and 6.1 allows remote malicious users to bypass authentication and gain administrative access by setting a cookie to a certain value.
Xigla Absolute Newsletter 6.0
Xigla Absolute Newsletter 6.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6623
SQL injection vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Webbdomain Post Card
Webbdomain Post Card 1.01
1 EDB exploit
7.5
CVSSv2
CVE-2008-6581
login.php in PhpAddEdit 1.3 allows remote malicious users to bypass authentication and gain administrative access by setting the addedit cookie parameter.
Phpaddedit Phpaddedit 1.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-0864
S-Cms 1.1 Stable allows remote malicious users to bypass authentication and obtain administrative access via an OK value for the login cookie.
Matteoiammarrone S-cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0863
SQL injection vulnerability in admin/delete_page.php in S-Cms 1.1 Stable allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Matteoiammarrone S-cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0750
SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Tombstone Smnews -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6307
E-topbiz Link Back Checker 1 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "admin."
E-topbiz Link Back Checker 1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »