Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
x0r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6730
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPLink Pro 0.0.6 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter...
China-on-site Flexphplink 0.0.7
China-on-site Flexphplink 0.0.6
1 EDB exploit
NA
CVE-2008-6084
Unrestricted file upload vulnerability in pages/download.php in Iamma Simple Gallery 1.0 and 2.0 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directo...
.matteoiammarrone Iamma Simple Gallery 2.0
.matteoiammarrone Iamma Simple Gallery 1.0
1 EDB exploit
NA
CVE-2008-6237
SQL injection vulnerability in software-description.php in Scripts For Sites (SFS) Hotscripts-like Site allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Scripts-for-sites Hotscripts-like Site -
1 EDB exploit
NA
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
NA
CVE-2008-6307
E-topbiz Link Back Checker 1 allows remote malicious users to bypass authentication and gain administrative access by setting the auth cookie to "admin."
E-topbiz Link Back Checker 1
1 EDB exploit
NA
CVE-2008-4752
TlNews 2.2 allows remote malicious users to bypass authentication and gain administrative access by setting the tlNews_login cookie to admin.
Tech Logic Tlnews 2.2
1 EDB exploit
NA
CVE-2008-4781
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
Easy-script Myktools 2.4
1 EDB exploit
NA
CVE-2008-4783
tlAds 1.0 allows remote malicious users to bypass authentication and gain administrative access by setting the tlAds_login cookie to "admin."
Easy-script Tlads 1.0
1 EDB exploit
NA
CVE-2008-7003
Multiple SQL injection vulnerabilities in login.php in The Rat CMS Alpha 2 allow remote malicious users to execute arbitrary SQL commands via the (1) user_id and (2) password parameter.
The-rat-cms The-rat-cms Alpha2
1 EDB exploit
NA
CVE-2009-0107
Cross-site scripting (XSS) vulnerability in profile.php in PHPAuctions (aka PHPAuctionSystem) allows remote malicious users to inject arbitrary web script or HTML via the user_id parameter.
Phpauctions Phpauctions Nil
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »