Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
800
VMScore
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
760
VMScore
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
555
VMScore
CVE-2008-0403
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote malicious users to read and modify configuration via a direct request to SaveCfgFile.cgi.
Belkin F5d9230-4
1 EDB exploit
435
VMScore
CVE-2006-4479
Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via the subgroupname parameter.
Visualshapers Ezcontents 2.0.3
1 EDB exploit
555
VMScore
CVE-2006-4586
The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modif_profil.php, and changing a password ...
Tr Forum Tr Forum 2.0
1 EDB exploit
755
VMScore
CVE-2006-4632
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.
Softbb Softbb
1 EDB exploit
755
VMScore
CVE-2007-0972
Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote malicious users to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related...
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
515
VMScore
CVE-2007-0986
PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote malicious users to execute arbitrary PHP code via an ftp URL in the n parameter.
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
755
VMScore
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
505
VMScore
CVE-2006-4633
index.php in SoftBB 0.1, and possibly earlier, allows remote malicious users to obtain the installation path via a null or invalid page[] parameter.
Softbb Softbb
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »