Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mhz91 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-6064
Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote malicious users to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors.
Domphp Domphp 0.81
NA
CVE-2008-1313
Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors.
Bill Roberts Bloo
NA
CVE-2008-1123
Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote malicious users to execute arbitrary PHP code via a URL in the CarpPath parameter to (1) files/carprss.php and (2) files/amazon-bestsellers.php.
Sitebuilder Sitebuilder Elite 1.2
NA
CVE-2008-1126
PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote malicious users to execute arbitrary PHP code via a URL in the pageURL parameter.
Barryvan Compo Barryvan Compo Manager 0.3
NA
CVE-2008-0818
Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php.
Freephpgallery Freephpgallery 0.6
NA
CVE-2008-0803
Multiple PHP remote file inclusion vulnerabilities in LookStrike Lan Manager 0.9 allow remote malicious users to execute arbitrary PHP code via a URL in the sys_conf[path][real] parameter to (1) modules\class\Table.php; (2) db_admins.php, (3) db_alert.php, (4) db_double.php, (5) ...
Lookstrike Lan Manager 0.9
NA
CVE-2008-0431
Directory traversal vulnerability in administrator/download.php in IDMOS (aka Phoenix) 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the fileName parameter.
Idmos Idmos Cms 1.0
NA
CVE-2008-0249
PHP Webquest 2.6 allows remote malicious users to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
Phpwebquest Phpwebquest 2.6
NA
CVE-2007-6639
SQL injection vulnerability in index.php in IPTBB 0.5.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a viewdir action.
Iptbb Team Iptbb 0.5.4
NA
CVE-2007-6632
showCode.php in xml2owl 0.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the path parameter.
Xml2owl Xml2owl 0.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook