Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2094
PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the ads_file parameter.
Anthologia Anthologia 0.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-2145
The imagecomments function in classes.php in MiniGal b13 allows remote malicious users to inject arbitrary PHP code into a file in the thumbs/ directory via the input parameter. NOTE: some of these details are obtained from third party information.
Minigal Minigal B13
1 EDB exploit
7.5
CVSSv2
CVE-2007-2158
PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the G_JGALL[inc_path] parameter.
Kooijman-design Jgallery 1.3
1 EDB exploit
7.5
CVSSv2
CVE-2007-2169
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote malicious users to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php.
Mozzers Subsystem Mozzers Subsystem
1 EDB exploit
7.5
CVSSv2
CVE-2007-2183
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote malicious users to execute arbitrary SQL commands via the ring parameter.
Php-ring Webring System 0.9
1 EDB exploit
5
CVSSv2
CVE-2007-2184
Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the acc parameter.
Jchit Counter 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-0245
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadimage 1.0
Uploadscript Uploadscript 1.0
1 EDB exploit
10
CVSSv2
CVE-2008-0246
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadscript 1.0
Uploadscript Uploadimage 1.0
1 EDB exploit
7.8
CVSSv2
CVE-2007-2507
Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the item parameter.
Treble Designs 1024 Cms 0.7
1 EDB exploit
5
CVSSv2
CVE-2007-2643
Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the src parameter.
Pinkcrow Designs Designs Gallery Magazin 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »