Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zorlu vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-5649
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Alstrasoft Article Manager Pro 1.6
1 EDB exploit
9.3
CVSSv2
CVE-2008-4720
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.
Arzdev Gemini Portal 4.7
1 EDB exploit
9.3
CVSSv2
CVE-2008-0805
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...
Reality Medias Phpizabi 0.848b
1 EDB exploit
9
CVSSv2
CVE-2008-4767
Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote malicious users to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of...
Php-nuke Downloadsplus Module
1 EDB exploit
7.5
CVSSv2
CVE-2014-9448
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.
Mini-stream Rm-mp3 Converter 3.1.2.1.2010.03.30
3 EDB exploits
7.5
CVSSv2
CVE-2014-9348
SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote malicious users to execute arbitrary SQL commands via the robot parameter to admin/robots.php.
Robotstats Robotstats 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-4856
SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote malicious users to execute arbitrary SQL commands via the tarih parameter.
Aspindir Xweblog 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-4808
admin.php in Graugon PHP Article Publisher 1.0 allows remote malicious users to bypass authentication and obtain administrative access by setting the g_admin cookie to 1.
Graugon Php Article Publisher 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2009-4724
SQL injection vulnerability in shop.htm in PaymentProcessorScript.net PPScript allows remote malicious users to execute arbitrary SQL commands via the cid parameter.
Paymentprocessorscript Ppscript
2 EDB exploits
7.5
CVSSv2
CVE-2009-4546
globepersonnel_login.asp in Logoshows BBS 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »