Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2009-2598
Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and previous versions allow (1) remote malicious users to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary...
Onlinegrades Online Grades 3.2.6
2 EDB exploits
6.8
CVSSv2
CVE-2009-2164
Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php.
Kjtechforce Mailman Beta1
2 EDB exploits
6
CVSSv2
CVE-2009-1584
Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m par...
R020 Tematres 1.031
R020 Tematres 1.0.3
2 EDB exploits
6.8
CVSSv2
CVE-2009-1613
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
Gowondesigns Leap 0.1.4
2 EDB exploits
7.5
CVSSv2
CVE-2009-1650
Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
Tenfourzero Shutter 0.1.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-1661
SQL injection vulnerability in admin/utopic.php in uTopic 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the rating parameter to index.php.
Anoldman Utopic 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2009-1809
Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 allow remote malicious users to inject arbitrary web script or HTML via (1) the year parameter to modules/kalender.php, (2) the Page parameter in a List action to modules/ereignis.php, (3) the Kontext parameter ...
Collector Mycolex 1.4.2
1 EDB exploit
6
CVSSv2
CVE-2009-1810
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote malicious users to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parame...
Collector Mycolex 1.4.2
1 EDB exploit
4.3
CVSSv2
CVE-2009-1811
Multiple cross-site scripting (XSS) vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote malicious users to inject arbitrary web script or HTML via (1) the Page parameter in a List action to modules/ereignis.php, (2) the Kontext parameter in a Search action to modules/katego...
Collector Mygesuad 0.9.14
1 EDB exploit
6
CVSSv2
CVE-2009-1812
Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote malicious users to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via t...
Collector Mygesuad 0.9.14
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »