Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Pollhelper -
1 EDB exploit
NA
CVE-2009-1246
Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[fil...
Blogplus Blogplus 1.0
1 EDB exploit
NA
CVE-2009-1447
Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
E-cart Free Shopping Cart
1 EDB exploit
NA
CVE-2009-1450
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote malicious users to execute arbitrary PHP code via a URL in the _page_content parameter.
Bluevirus-design Sma-db 0.3.12
1 EDB exploit
NA
CVE-2009-1637
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote malicious users to change the admin e-mail address and password via the email and password parameters.
Simplecustomer Simple Customer 1.3
1 EDB exploit
NA
CVE-2009-1765
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/...
Pluck-cms Pluck 4.6.2
1 EDB exploit
NA
CVE-2009-1770
Directory traversal vulnerability in includes/database/examples/addressbook.php in Flyspeck CMS 6.8 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Flyspeck Flyspeck Cms 6.8
1 EDB exploit
NA
CVE-2009-1771
index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote malicious users to create or modify admin accounts via the (1) users[fullname], (2) users[email], (3) users[role_id], (4) users[username], and (5...
Flyspeck Flyspeck Cms 6.8
1 EDB exploit
NA
CVE-2009-1846
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joomb...
Bjsintay Sitex 0.7 Beta
Bjsintay Sitex 0.7.3
Bjsintay Sitex
Bjsintay Sitex 0.7.3 Beta
Bjsintay Sitex 0.7.4 Beta
Bjsintay Sitex 0.7.2 Beta
Bjsintay Sitex 0.7.1 Beta
Bjsintay Sitex 0.6.4 Beta
1 EDB exploit
NA
CVE-2009-2112
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
Frank-karau Phpfk 7.03
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »