Every CVE whose affected-product data names Valarsoft Webmatic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2007-0839 — CVSS 7.5 (high): Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2.6 allow remote attackers to execute…
CVE-2007-3648 — CVSS 7.5 (high): SQL injection vulnerability in Webmatic before 2.6.2, and possibly other versions before 2.7, allows remote attackers to execute arbitrary…
CVE-2007-3727 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area."
CVE-2008-2925 — CVSS 7.5 (high): SQL injection vulnerability in Webmatic before 2.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4380 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to execute arbitrary SQL commands via…
CVE-2010-4808 — CVSS 7.5 (high): SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2012-3350 — CVSS 6.8 (medium): SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP…
CVE-2008-2924 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Webmatic before 2.8 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2009-4379 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Valarsoft Webmatic before 3.0.3 allow remote attackers to inject arbitrary web…