Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost hacker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4737
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via the dom parameter.
Noc2 Whodomlite 1.1.3
1 EDB exploit
NA
CVE-2008-3127
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the hm parameter.
Hiox India Banner Rotator 1.3
1 EDB exploit
NA
CVE-2008-4751
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote malicious users to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597.
Epistream Ipei Guestbook 2.0
1 EDB exploit
NA
CVE-2008-3183
PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote malicious users to execute arbitrary PHP code via a URL in the dirDepth parameter.
Gapi Cms Gapicms 9.0.2
1 EDB exploit
NA
CVE-2008-3293
Directory traversal vulnerability in download.php in EZWebAlbum allows remote malicious users to read arbitrary files via the dlfilename parameter.
Ezwebalbum Ezwebalbum 1.0
1 EDB exploit
NA
CVE-2008-3402
Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the hm parameter to (1) hioxupdate.php and (2) hioxstats.php.
Hscripts Hiox Random Ad 2.0
1 EDB exploit
NA
CVE-2008-5596
Ikon AdManager 2.1 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for ikonBAnner_AdManager.mdb.
Dotnetindex Ikon Admanager
1 EDB exploit
NA
CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from...
Iyziforum Iyzi Forum 1.0
1 EDB exploit
NA
CVE-2008-5932
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtai...
Codeavalanche Freeforum Nil
1 EDB exploit
NA
CVE-2008-6305
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
Freedirectoryscript Free Directory Script 1.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »