Vulmon
Recent Vulnerabilities
Trends
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1300
phpFox versions 3.0.1 and below remote command execution exploit that leverages ajax.php....
1 EDB exploit available
6.8
CVSSv2
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin before 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the file in...
Kishore Asokan
Kish Guest Posting Plugin
1 EDB exploit available
9
CVSSv2
CVE-2008-4645
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function....
Phpwebgallery
1 EDB exploit available
6.5
CVSSv2
CVE-2008-3117
Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via a direct...
Phpmotion
1 EDB exploit available
7.5
CVSSv2
CVE-2008-2686
webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows remote attackers to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request for this...
Flux Cms
1 EDB exploit available
7.5
CVSSv2
CVE-2012-0694
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote attackers to execute arbitrary PHP code....
Sugarcrm
2 EDB exploits available
1 Metasploit module available
9
CVSSv2
CVE-2008-4687
manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php....
Mantis
2 EDB exploits available
1 Metasploit module available
6.8
CVSSv2
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads...
Apprain
2 EDB exploits available
1 Metasploit module available
7.5
CVSSv2
CVE-2008-6632
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT'])....
Mercuryboard
1 EDB exploit available
6.8
CVSSv2
CVE-2008-6132
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via the start_date parameter....
Brickhost
Phpscheduleit
2 EDB exploits available
1 Metasploit module available
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-11061
mods for hesk
CVE-2020-8193
remote attackers
CVE-2020-8558
reflected XSS
CVE-2020-7693
administrator privileges
mods-for-hesk
CVE-2020-15526
CVE-2020-7457
1
2
3
4
5
6
NEXT »
Vulmon