Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary code vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-46581
SQL injection vulnerability in Inventory Management v.1.0 allows a local malicious user to execute arbitrary code via the name, uname and email parameters in the registration.php component.
Code-projects Inventory Management 1.0
1 Github repository
NA
CVE-2010-1658
Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote malicious users to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
Code-garage Com Noticeboard 1.3
1 EDB exploit
6.1
CVSSv3
CVE-2023-46020
Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters.
Code-projects Blood Bank 1.0
1 Github repository
NA
CVE-2006-6551
PHP remote file inclusion vulnerability in libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainutils.inc.php in Tucows Client Code Suite (CCS) 1.2.1015 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _ENV[TCA_HOME] parameter.
Tucows Client Code Suite 1.2.1015
1 EDB exploit
NA
CVE-2007-2569
Multiple PHP remote file inclusion vulnerabilities in Friendly 1.0d1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the friendly_path parameter to (1) core/data/yaml.inc.php, or _load.php in (2) core/data/, (3) core/display/, or (4) ...
Practical Creative And Code Friendly
1 EDB exploit
5.5
CVSSv3
CVE-2023-46018
SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows malicious users to run arbitrary SQL commands via 'remail' parameter.
Code-projects Blood Bank 1.0
1 Github repository
5.5
CVSSv3
CVE-2023-46014
SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters.
Code-projects Blood Bank 1.0
2 Github repositories
5.5
CVSSv3
CVE-2023-46017
SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via 'remail' and 'rpassword' parameters.
Code-projects Blood Bank 1.0
1 Github repository
7.8
CVSSv3
CVE-2023-46022
SQL Injection vulnerability in delete.php in Code-Projects Blood Bank 1.0 allows malicious users to run arbitrary SQL commands via the 'bid' parameter.
Code-projects Blood Bank 1.0
1 Github repository
9.8
CVSSv3
CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin prior to 3.5 for WordPress allows unauthenticated malicious users to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The ...
Oturia Smart Google Code Inserter
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »