Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yenh4cker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1584
Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m par...
R020 Tematres 1.031
R020 Tematres 1.0.3
2 EDB exploits
NA
CVE-2009-2164
Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the code parameter to activate.php or (2) the dest parameter to index.php.
Kjtechforce Mailman Beta1
2 EDB exploits
NA
CVE-2009-1613
Multiple SQL injection vulnerabilities in leap.php in Leap CMS 0.1.4, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) searchterm or (2) email parameter.
Gowondesigns Leap 0.1.4
2 EDB exploits
NA
CVE-2009-2598
Multiple SQL injection vulnerabilities in Online Grades & Attendance 3.2.6 and previous versions allow (1) remote malicious users to execute arbitrary SQL commands via the key parameter in a resetpass action to index.php and (2) remote authenticated users to execute arbitrary...
Onlinegrades Online Grades 3.2.6
2 EDB exploits
NA
CVE-2009-1408
Cross-site scripting (XSS) vulnerability in webSPELL 4.2.0c allows remote malicious users to inject arbitrary web script or HTML allows remote malicious users to inject arbitrary web script or HTML via Javascript events such as onmouseover in nested BBcode tags, as demonstrated u...
Webspell Webspell 4.2.0c
1 EDB exploit
NA
CVE-2009-1487
SQL injection vulnerability in pages/login.php in FunGamez RC1 allows remote malicious users to execute arbitrary SQL commands via the login_user (aka username) parameter. NOTE: some of these details are obtained from third party information.
Rens Rikkerink Fungamez -
1 EDB exploit
NA
CVE-2009-1489
includes/user.php in Fungamez RC1 allows remote malicious users to bypass authentication and gain administrative access by setting the user cookie parameter.
Rens Rikkerink Fungamez -
1 EDB exploit
NA
CVE-2009-1614
Multiple cross-site scripting (XSS) vulnerabilities in Leap CMS 0.1.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the msg parameter (aka the message in an article comment) or (2) the searchterm parameter (aka the search post form). NOTE: some of th...
Gowondesigns Leap 0.1.4
1 EDB exploit
NA
CVE-2009-1626
SQL injection vulnerability in public/specific.php in EZ-Blog before Beta 2 20090427, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Will Kraft Ez-blog
Will Kraft Ez-blog -
1 EDB exploit
NA
CVE-2009-1650
Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote malicious users to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
Tenfourzero Shutter 0.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »