Lucene search
K
ValarsoftWebmatic

9 matches found

CVE
CVE
added 2012/07/12 9:0 p.m.61 views

CVE-2012-3350

The CVE-2012-3350 entry refers to a Blind SQL Injection in Webmatic 3.1.1 (vendor: valarsoft.com) via the Referer HTTP header fed to index.php. The underlying issue is improper sanitization of input used in SQL queries, enabling remote attackers to infer data (e.g., via time-based techniques) and...

6.8CVSS8.4AI score0.02925EPSS
Web
CVE
CVE
added 2007/07/12 5:0 p.m.55 views

CVE-2007-3727

Technical details are not publicly provided in the supplied documents; no affected components, versions beyond "Webmatic before 2.7", or impact vectors are specified. Monitor for updates.

7.5CVSS6.8AI score0.012EPSS
CVE
CVE
added 2008/06/30 6:0 p.m.54 views

CVE-2008-2924

Technical details about CVE-2008-2924 are not provided in the supplied documents; no affected versions, vectors, or fixes are specified. Monitor for official disclosures for updates.

4.3CVSS5.6AI score0.01033EPSS
CVE
CVE
added 2009/12/22 11:0 p.m.54 views

CVE-2009-4379

Valarsoft Webmatic is affected by CVE-2009-4379: multiple Cross-Site Scripting (XSS) vulnerabilities in Webmatic before 3.0.3 that allow remote attackers to inject arbitrary scripts/HTML via unspecified vectors. The vulnerability is documented across sources such as NVD and OpenVAS; CVSS v2 base ...

4.3CVSS5.7AI score0.01022EPSS
CVE
CVE
added 2009/12/22 11:0 p.m.52 views

CVE-2009-4380

Valarsoft Webmatic is affected by CVE-2009-4380: multiple SQL injection vulnerabilities in Webmatic before version 3.0.3. The root cause is SQL injection via unspecified vectors, enabling remote attackers to execute arbitrary SQL commands. The CVE is referenced across multiple sources (NVD, Red H...

7.5CVSS8.5AI score0.01051EPSS
CVE
CVE
added 2007/02/08 12:0 a.m.51 views

CVE-2007-0839

The CVE-2007-0839 entry describes multiple PHP remote file inclusion vulnerabilities in Valarsoft WebMatic 2.6, exploitable via index/index_album.php through the P_LIB and P_INDEX parameters. The underlying issue is remote code execution by providing a URL for these parameters, enabling an attack...

7.5CVSS7.7AI score0.03265EPSS
Web
CVE
CVE
added 2008/06/30 6:0 p.m.49 views

CVE-2008-2925

CVE-2008-2925 affects Webmatic before 2.8. It is a SQL injection vulnerability allowing remote execution of arbitrary SQL commands via unspecified vectors. Connected sources confirm the vendor/product and vulnerability class, but no explicit exploit details or patch/version remediation are provid...

7.5CVSS8.3AI score0.01063EPSS
CVE
CVE
added 2007/07/10 5:0 p.m.44 views

CVE-2007-3648

CVE-2007-3648 describes an SQL injection vulnerability in Webmatic prior to 2.6.2, with possible victims in versions before 2.7. The vulnerability allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with potential relevance to admin/admin_album.php and admin/admin_d...

7.5CVSS8.5AI score0.01096EPSS
CVE
CVE
added 2011/07/08 10:0 p.m.43 views

CVE-2010-4808

The provided documents confirm a SQL injection vulnerability in Webmatic’s index.php exploitable via the p parameter, enabling remote execution of arbitrary SQL commands. Affected software/component: Webmatic (index.php). Root cause: improper handling of the p parameter leading to SQL injection. ...

7.5CVSS8.7AI score0.0099EPSS