Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cracker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2016-5641
This Metasploit module generates a Open API Specification 2.0 (Swagger) compliant json document that includes payload insertion points in parameters. In order for the payload to be executed, an attacker must convince someone to generate code from a specially modified swagger.json...
1 Article
9.1
CVSSv3
CVE-2022-2003
AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an malicious user to access and make unauthorized changes. This issue affects: Automa...
Automationdirect D0-06dd1 Firmware
Automationdirect D0-06dd2 Firmware
Automationdirect D0-06dr Firmware
Automationdirect D0-06da Firmware
Automationdirect D0-06ar Firmware
Automationdirect D0-06aa Firmware
Automationdirect D0-06dd1-d Firmware
Automationdirect D0-06dd2-d Firmware
Automationdirect D0-06dr-d Firmware
1 Article
NA
CVE-2024-4348
A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely. The exploit has be...
NA
CVE-2008-6840
Multiple PHP remote file inclusion vulnerabilities in V-webmail 1.6.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) CONFIG[pear_dir] parameter to (a) Mail/RFC822.php, (b) Net/Socket.php, (c) XML/Parser.php, (d) XML/Tree.php, (e) Mail/mimeDecode.p...
Christof Bruyland V-webmail 1.6.4
13 EDB exploits
6.1
CVSSv3
CVE-2023-4111
A vulnerability was found in PHP Jabbers Bus Reservation System 1.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument index/pickup_id leads to cross site scripting. The attack may be launch...
Phpjabbers Bus Reservation System 1.1
NA
CVE-2008-5943
Multiple directory traversal vulnerabilities in NavBoard 16 (2.6.0) allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter to (1) admin_modules.php and (2) modules.php.
Navboard Navboard 16
2 EDB exploits
NA
CVE-2008-2978
Directory traversal vulnerability in phpi/rss.php in Ourvideo CMS 9.5, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the prefix parameter.
Ourvideocms Ourvideo Cms 9.5
1 EDB exploit
NA
CVE-2008-2981
PHP remote file inclusion vulnerability in admin/templates/template_thumbnail.php in HomePH Design 2.10 RC2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the thumb_template parameter.
Homeph Design Homeph Design 2.10
1 EDB exploit
NA
CVE-2008-2985
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the page_language parameter.
Cmreams Cmreams Cms 1.3.1.1
1 EDB exploit
NA
CVE-2008-3445
SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 allows remote malicious users to execute arbitrary SQL commands via the location parameter.
Phpmyrealty Phpmyrealty 2.0.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »