Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ciph3r vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2008-3313
Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _admin...
Creacms Creacms 1.0
2 EDB exploits
760
VMScore
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config...
Runcms Newbb Plus Module 0.93
Runcms Runcms 1.6.1
2 EDB exploits
940
VMScore
CVE-2008-3957
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to ...
Microsoft Windows Image Acquisition Logger
2 EDB exploits
755
VMScore
CVE-2008-2854
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
Orlando Cms Orlando Cms 0.6
1 EDB exploit
755
VMScore
CVE-2008-3299
eSyndiCat 1.6 allows remote malicious users to bypass authentication and gain administrative access by setting the admin_lng cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Esyndicat Esyndicat 1.6
1 EDB exploit
725
VMScore
CVE-2008-7002
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) pa...
Php Php 5.2.5
1 EDB exploit
755
VMScore
CVE-2008-5945
Nukeviet 2.0 Beta allows remote malicious users to bypass authentication and gain administrative access by setting the admf cookie to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Nukevietcms Nukeviet 2.0
1 EDB exploit
755
VMScore
CVE-2008-3296
Directory traversal vulnerability in modules/system/admin.php in XOOPS 2.0.18 1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...
Xoops Xoops 2.0.18.1
1 EDB exploit
755
VMScore
CVE-2008-3300
AlphAdmin CMS 1.0.5/03 allows remote malicious users to bypass authentication and gain administrative access by setting the aa_login cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Alphadmin Alphadmin Cms 1.0.5
1 EDB exploit
755
VMScore
CVE-2008-4081
admin/login.php in Stash 1.0.3 allows remote malicious users to bypass authentication and gain administrative access by setting a bsm cookie.
Stash Stash 1.0.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »