Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ciph3r vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3313
Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _admin...
Creacms Creacms 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config...
Runcms Newbb Plus Module 0.93
Runcms Runcms 1.6.1
2 EDB exploits
9.3
CVSSv2
CVE-2008-3957
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to ...
Microsoft Windows Image Acquisition Logger
2 EDB exploits
7.5
CVSSv2
CVE-2008-2854
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
Orlando Cms Orlando Cms 0.6
1 EDB exploit
7.5
CVSSv2
CVE-2008-3299
eSyndiCat 1.6 allows remote malicious users to bypass authentication and gain administrative access by setting the admin_lng cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Esyndicat Esyndicat 1.6
1 EDB exploit
7.2
CVSSv2
CVE-2008-7002
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) pa...
Php Php 5.2.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-5945
Nukeviet 2.0 Beta allows remote malicious users to bypass authentication and gain administrative access by setting the admf cookie to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Nukevietcms Nukeviet 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-3296
Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...
Xoops Xoops 2.0.18.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-3300
AlphAdmin CMS 1.0.5/03 allows remote malicious users to bypass authentication and gain administrative access by setting the aa_login cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Alphadmin Alphadmin Cms 1.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-4081
admin/login.php in Stash 1.0.3 allows remote malicious users to bypass authentication and gain administrative access by setting a bsm cookie.
Stash Stash 1.0.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »