Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingoftheworld vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5802
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by ...
Firewolf Technologies Synergiser
2 EDB exploits
NA
CVE-2007-5773
Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote malicious users to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.
Flatnuke3 Flatnuke3
1 EDB exploit
NA
CVE-2007-5771
Flatnuke 3 (aka FlatnuX) allows remote malicious users to obtain administrative access via a myforum%00 cookie.
Flatnuke3 Flatnuke3
1 EDB exploit
NA
CVE-2007-5772
Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthe...
Flatnuke3 Flatnuke3
1 EDB exploit
NA
CVE-2007-5774
index.php in the File Manager module in Flatnuke 3 allows remote malicious users to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message.
Flatnuke3 Flatnuke3
1 EDB exploit
NA
CVE-2007-5823
Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and previous versions allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in the username parameter in a Register action.
Scribe Scribe 0.2
1 EDB exploit
NA
CVE-2007-6159
SQL injection vulnerability in index.php in Tilde CMS 4.x and previous versions allows remote malicious users to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500.
Tilde Tilde Cms 4.0
1 EDB exploit
NA
CVE-2007-6160
Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and previous versions allows remote malicious users to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action.
Tilde Tilde Cms 4.0
1 EDB exploit
NA
CVE-2007-6185
Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials.
Eurologon Eurologon Cms
1 EDB exploit
NA
CVE-2008-7163
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and previous versions, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via the sine[config][index_main] parameter.
Sinecms Sinecms 2.1.1
Sinecms Sinecms 2.1
Sinecms Sinecms 2.2
Sinecms Sinecms 2.2.1
Sinecms Sinecms 2.0
Sinecms Sinecms
Sinecms Sinecms 2.3.2
Sinecms Sinecms 2.3.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »