Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3010
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.
Cutephp Cutenews
1 EDB exploit
NA
CVE-2005-3157
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
NA
CVE-2006-0852
Direct static code injection vulnerability in write.php in Admbook 1.2.2 and previous versions allows remote malicious users to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php.
Devscripts Admbook
1 EDB exploit
NA
CVE-2006-1149
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote malicious users to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
Owl Owl Intranet Engine 0.6
Owl Owl Intranet Engine 0.72
Owl Owl Intranet Engine 0.73
Owl Owl Intranet Engine 0.8
Owl Owl Intranet Engine 0.82
1 EDB exploit
NA
CVE-2006-1162
Directory traversal vulnerability in Nodez 4.6.1.1 and previous versions allows remote malicious users to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat...
Nodez Nodez 4.6.1.1
1 EDB exploit
NA
CVE-2006-1164
Nodez 4.6.1.1 and previous versions stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote malicious users to obtain usernames and password hashes by directly accessing list.gtdat.
Nodez Nodez 4.6.1.1
1 EDB exploit
NA
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and previous versions, and 2.1 before RC-2a, allows remote malicious users to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
Gallery Project Gallery 2.0.3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.1 Rc1
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.1 Rc2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
1 EDB exploit
NA
CVE-2009-3967
SQL injection vulnerability in browse.php in Ed Charkow SuperCharged Linking allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ed Charkow Supercharged Linking
1 EDB exploit
NA
CVE-2006-6237
SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote malicious users to execute arbitrary SQL commands via the threadvisit Cookie parameter.
Woltlab Burning Board Lite 1.0.2
1 EDB exploit
NA
CVE-2006-6289
Woltlab Burning Board (wBB) Lite 1.0.2 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote malicious users to execute arbitrary SQL commands via the wbb_userid pa...
Woltlab Burning Board Lite 1.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »