Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
NA
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
NA
CVE-2007-5125
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1171. Reason: This candidate is a duplicate of CVE-2007-1171. Notes: All CVE users should reference CVE-2007-1171 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2006-5259
PHP remote file inclusion vulnerability in param_editor.php in Compteur 2 allows remote malicious users to execute arbitrary PHP code via a URL in the folder parameter.
Compteur Compteur 2
1 EDB exploit
NA
CVE-2007-0972
Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote malicious users to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related...
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
NA
CVE-2007-0987
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
NA
CVE-2007-1254
SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and previous versions allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.
Connectix Connectix Boards 0.4.2
Connectix Connectix Boards 0.4.3
Connectix Connectix Boards 0.6
Connectix Connectix Boards 0.6.1
Connectix Connectix Boards 0.4
Connectix Connectix Boards 0.4.1
Connectix Connectix Boards 0.5.4
Connectix Connectix Boards 0.5.5
Connectix Connectix Boards 0.4.4
Connectix Connectix Boards 0.5
Connectix Connectix Boards 0.5.1
Connectix Connectix Boards 0.7
Connectix Connectix Boards 0.5.2
Connectix Connectix Boards 0.5.3
1 EDB exploit
NA
CVE-2007-1635
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
NA
CVE-2006-2946
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote malicious users to obtain database username and password information.
Dmx Forum Dmx Forum
1 EDB exploit
NA
CVE-2006-2867
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the post parameter.
Coolforum Coolforum
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »