Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bd0rk vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2007-5178
contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote malicious users to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in th...
Mxbb Mx Glance 2.3.3
1 EDB exploit
755
VMScore
CVE-2008-1712
PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote malicious users to execute arbitrary PHP code via a URL in the mx_root_path parameter.
Mx-system Mxbb 2.0.0 Beta
1 EDB exploit
755
VMScore
CVE-2007-1983
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote malicious users to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than CVE-2006-2871.
Cyboards Cyboards Php Lite 1.21
1 EDB exploit
785
VMScore
CVE-2009-0331
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then thi...
Quirm Espg 1.72
1 EDB exploit
435
VMScore
CVE-2011-4572
Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a ...
Codefuture Cf Image Hosting Script 1.4.1
Codefuture Cf Image Hosting Script 1.3.82
1 EDB exploit
755
VMScore
CVE-2010-4878
PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the script_pfad parameter.
Hinnendahl Kontakt Formular 1.1
1 EDB exploit
755
VMScore
CVE-2010-4884
PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote malicious users to execute arbitrary PHP code via a URL in the script_pfad parameter.
Hinnendahl Gaestebuch 1.2
1 EDB exploit
1000
VMScore
CVE-1999-0953
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
Matt Wright Wwwboard 2.0 Alpha 2.1
1 EDB exploit
755
VMScore
CVE-2007-4585
Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
2532gigs 2532gigs 1.2.1
1 EDB exploit
685
VMScore
CVE-2007-1106
PHP remote file inclusion vulnerability in includes/functions_nomoketos_rules.php in the NoMoKeTos Rules 0.0.1 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Nomoketos Rules Nomoketos Rules 0.0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »