Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crackers_child vulnerabilities and exploits
(subscribe to this query)
440
VMScore
CVE-2006-5535
Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote malicious users to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate...
Cpanel Cpanel 10.9.0 R50
2 EDB exploits
935
VMScore
CVE-2008-4719
PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.
Openengine Openengine 2.0
1 EDB exploit
755
VMScore
CVE-2008-4721
PHP Jabbers Post Comment 3.0 allows remote malicious users to bypass authentication and gain administrative access by setting the PostCommentsAdmin cookie to "logged."
Php Jabbers Post Comment 2.0
1 EDB exploit
685
VMScore
CVE-2007-6027
PHP remote file inclusion vulnerability in admin.jjgallery.php in the Carousel Flash Image Gallery (com_jjgallery) component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Justjoomla Carousel Flash Image Gallery
1 EDB exploit
435
VMScore
CVE-2007-6141
Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 Beta allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Vbtube Vbtube 1.1 Beta
1 EDB exploit
755
VMScore
CVE-2008-6092
phpscripts Ranking Script allows remote malicious users to bypass authentication and gain administrative access by sending an admin=ja cookie.
Phpscripts Ranking-script -
1 EDB exploit
755
VMScore
CVE-2008-0653
SQL injection vulnerability in index.php in the Ynews (com_ynews) 1.0.0 component for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter in a showYNews action.
Joomla Com Ynews 1.0.0
1 EDB exploit
435
VMScore
CVE-2008-0684
Cross-site scripting (XSS) vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote malicious users to inject arbitrary web script or HTML via the CatID parameter.
Itechscripts Itechclassifieds 3.0
1 EDB exploit
585
VMScore
CVE-2007-6129
Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the id parameter. NOTE: in some environments, this can be leveraged for remote file inclusion...
Amber Script Amber Script 1.0
1 EDB exploit
685
VMScore
CVE-2007-6139
PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote malicious users to execute arbitrary PHP code via a URL in the skin_file parameter.
Mp3 Toolbox 1.0 Beta 5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »