Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4934
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote malicious users to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) program_files/livedraft/livedraft.php or (2) program_files/livedraft/admin.php.
Phpffl Phpffl 1.24
1 EDB exploit
NA
CVE-2007-2157
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Zomplog Zomplog 3.8
1 EDB exploit
NA
CVE-2007-2158
PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the G_JGALL[inc_path] parameter.
Kooijman-design Jgallery 1.3
1 EDB exploit
NA
CVE-2007-2169
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote malicious users to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php.
Mozzers Subsystem Mozzers Subsystem
1 EDB exploit
NA
CVE-2007-3272
Directory traversal vulnerability in index.php in MiniBB 2.0.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the language parameter in a register action.
Minibb Minibb 2.0.5
1 EDB exploit
NA
CVE-2007-1479
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
NA
CVE-2007-1480
Creative Guestbook 1.0 allows remote malicious users to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
NA
CVE-2007-1487
Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) WebLog allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a showarticles action.
Cyber Inside Weblog
Cyberteddy Weblog
Sascha Schroeder Weblog
1 EDB exploit
NA
CVE-2007-1525
Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote malicious users to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php.
Dayfox Designs Dayfox Blog 4
1 EDB exploit
NA
CVE-2007-2507
Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the item parameter.
Treble Designs 1024 Cms 0.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon