Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
authentication bypass vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-6626
SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote malicious users to execute arbitrary SQL commands via the username field.
Brian Cabunac Browser To Email Phone Message System 1.0
1 EDB exploit
NA
CVE-2010-1046
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
Ryan Marshall Rostermain
1 EDB exploit
NA
CVE-2008-6241
Multiple SQL injection vulnerabilities in admin/usercheck.php in FlexPHPSite 0.0.1 and 0.0.7, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the checkuser parameter (aka username field), or (2) the checkpass parameter (ak...
China-on-site Flexphpsite 0.0.1
China-on-site Flexphpsite 0.0.7
1 EDB exploit
NA
CVE-2008-6270
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL command via the user parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
NA
CVE-2008-6272
SQL injection vulnerability in admin/index.php in Dragan Mitic Apoll 0.7 beta and 0.7.5 allows remote malicious users to execute arbitrary SQL command via the pass parameter.
Miticdjd Apoll 0.7
Miticdjd Apoll 0.7.5
1 EDB exploit
NA
CVE-2008-6312
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2008-6327
SQL injection vulnerability in index.php in ProQuiz 1.0 allows remote malicious users to execute arbitrary SQL commands via the password parameter, a different vector than CVE-2008-6312.
Manzovi Proquiz 1.0
1 EDB exploit
NA
CVE-2008-6965
AJ Square AJ Auction OOPD, Pro Platinum Skin #1, Pro Platinum Skin #2, and Web 2.0 send a redirect but do not exit when certain scripts are called directly, which allows remote malicious users to bypass authentication via a direct request to (1) site.php, (2) auction.php, (3) mai...
Aj Square Aj Auction Web 2.0
Aj Square Aj Auction 2.0
Aj Square Aj Auction 1.0
Aj Square Aj Auction
1 EDB exploit
NA
CVE-2008-6966
AJ Square AJ Auction Pro Platinum Skin #1 sends a redirect but does not exit when it is called directly, which allows remote malicious users to bypass authentication via a direct request to admin/user.php.
Aj Square Aj Auction 1.0
1 EDB exploit
NA
CVE-2008-7041
AJ Classifieds allows remote malicious users to bypass authentication and gain administrator privileges via a direct request to admin/home.php.
Ajsquare Aj Classifieds -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »