Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dun vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-4329
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the oe_classpath parameter.
Openengine Openengine 1.9 Beta2
Openengine Openengine 1.9 Beta3
Openengine Openengine 1.7.1
Openengine Openengine 1.8 Beta2
Openengine Openengine 1.9 Beta1
Openengine Openengine
1 EDB exploit
7.5
CVSSv2
CVE-2008-2837
SQL injection vulnerability in index.php in CMS-BRD allows remote malicious users to execute arbitrary SQL commands via the menuclick parameter.
Cms.brdconcept Cms-brd
1 EDB exploit
7.5
CVSSv2
CVE-2008-2351
Multiple SQL injection vulnerabilities in index.php in CMS WebManager-Pro allow remote malicious users to execute arbitrary SQL commands via the (1) lang_id and (2) menu_id parameters.
Webmanager-pro Cms Webmanager-pro
1 EDB exploit
7.5
CVSSv2
CVE-2008-6410
Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
Brian Wilson Ol\\'bookmarks
1 EDB exploit
5
CVSSv2
CVE-2008-6668
Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php.
Dirk Bartley Nweb2fax 0.2
Dirk Bartley Nweb2fax
1 EDB exploit
7.5
CVSSv2
CVE-2009-2313
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the name parameter.
Jinzora Jinzora 2.5.1
Jinzora Jinzora 0.1.1
Jinzora Jinzora 0.3.1
Jinzora Jinzora 2.0.1
Jinzora Jinzora 2.6
Jinzora Jinzora 0.9.2
Jinzora Jinzora 2.7.5
Jinzora Jinzora 2.0
Jinzora Jinzora 2.3.4
Jinzora Jinzora 2.3.3
Jinzora Jinzora 0.3
Jinzora Jinzora 0.2
Jinzora Jinzora 0.6.2
Jinzora Jinzora 0.5
Jinzora Jinzora 0.9.1
Jinzora Jinzora 0.9.4
Jinzora Jinzora 2.3.2
Jinzora Jinzora 2.3.1
Jinzora Jinzora 0.8.1
Jinzora Jinzora 0.7
Jinzora Jinzora 0.9.3
Jinzora Jinzora 1.1
1 EDB exploit
9
CVSSv2
CVE-2008-5071
Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and previous versions allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.
Yoxel Yoxel 1.21
Yoxel Yoxel 1.20
Yoxel Yoxel 1.18beta
Yoxel Yoxel 1.17beta
Yoxel Yoxel 1.09beta
Yoxel Yoxel 1.08beta
Yoxel Yoxel 1.07beta
Yoxel Yoxel 1.22
Yoxel Yoxel 1.21beta
Yoxel Yoxel 1.19beta
Yoxel Yoxel 1.11beta
Yoxel Yoxel 1.10beta
Yoxel Yoxel 1.20beta
Yoxel Yoxel 1.13beta
Yoxel Yoxel 1.16beta
Yoxel Yoxel 1.15beta
Yoxel Yoxel 1.06beta
Yoxel Yoxel
Yoxel Yoxel 1.22beta
Yoxel Yoxel 1.14beta
Yoxel Yoxel 1.12beta
1 EDB exploit
6.8
CVSSv2
CVE-2008-4739
Directory traversal vulnerability in index.php in PlugSpace 0.1, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the navi parameter.
Plugspace Plugspace 0.1
1 EDB exploit
6.8
CVSSv2
CVE-2008-4712
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter.
Lnblog Lnblog
Lnblog Lnblog 0.8.1
Lnblog Lnblog 0.8.2
Lnblog Lnblog 0.8.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6223
PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the plancia parameter to crea.php.
Wotw Way Of The Warrior 5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »