Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evuln.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0349
SQL injection vulnerability in eggblog 2.0 allows remote malicious users to execute arbitrary SQL commands via the id parameter to blog.php.
Epic Designs Eggblog 2.0
1 EDB exploit
NA
CVE-2006-0350
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote malicious users to inject arbitrary web script or HTML via the message field to topic.php.
Epic Designs Eggblog 2.0
1 EDB exploit
NA
CVE-2006-0957
Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum prior to 1.2.1 allows remote malicious users to execute arbitrary PHP code via the (1) X-Forwarded-For and (2) Client-Ip HTTP headers, which are stored in Data/flood.db.php.
Zoneo-soft Freeforum 1.1
Zoneo-soft Freeforum 1.1.1
Zoneo-soft Freeforum 1.0
Zoneo-soft Freeforum 1.0.1
Zoneo-soft Freeforum 1.1.2
Zoneo-soft Freeforum 1.2
NA
CVE-2006-1020
SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Forum 1.0 allows remote malicious users to execute arbitrary SQL commands via the postid parameter.
Johnny Vegas Vegas Forum 1.0
NA
CVE-2006-0570
Multiple SQL injection vulnerabilities in phpstatus 1.0, when gpc_magic_quotes is disabled, allow remote malicious users to execute arbitrary SQL commands and bypass authentication via (1) the username parameter in check.php and (2) unknown attack vectors in the administrative in...
Hinton Design Phpstatus 1.0
NA
CVE-2006-0571
Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.
Hinton Design Phpstatus 1.0
NA
CVE-2006-0572
phpstatus 1.0 does not require passwords when using cookies to identify a user, which allows remote malicious users to bypass authentication.
Hinton Design Phpstatus 1.0
NA
CVE-2006-0723
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote malicious users to include arbitrary files via a URL in the php_script_path parameter.
Reamday Enterprises Magic News Lite 1.2.3
NA
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote malicious users to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters.
Teca Scripts Guestex 1.0
NA
CVE-2006-1328
SQL injection vulnerability in count.php in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) count_fieldname, (2) url_fieldname, or (3) url parameter.
Skull-splitter Download Counter Wallpaper
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »