Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingoftheworld vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-5802
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by ...
Firewolf Technologies Synergiser
2 EDB exploits
7.5
CVSSv2
CVE-2007-5822
Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and previous versions allows remote malicious users to inject arbitrary PHP code into a certain file in regged/ via the username parameter in a Register action, possibly related to the register function ...
Scribe Scribe 0.2
1 EDB exploit
4.3
CVSSv2
CVE-2007-6160
Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and previous versions allows remote malicious users to inject arbitrary web script or HTML via the aarstal parameter in a yeardetail action.
Tilde Tilde Cms 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-6164
Multiple SQL injection vulnerabilities in Eurologon CMS allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) reviews.php, (2) links.php and (3) articles.php.
Eurologon Eurologon Cms
1 EDB exploit
7.5
CVSSv2
CVE-2007-6366
Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_ad...
Sinecms Sinecms
1 EDB exploit
6.5
CVSSv2
CVE-2007-6399
index.php in Flat PHP Board 1.2 and previous versions allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
Myupb Flat Php Board
1 EDB exploit
7.5
CVSSv2
CVE-2007-6159
SQL injection vulnerability in index.php in Tilde CMS 4.x and previous versions allows remote malicious users to execute arbitrary SQL commands via the aarstal parameter in a yeardetail action, a different vector than CVE-2006-1500.
Tilde Tilde Cms 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-6185
Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials.
Eurologon Eurologon Cms
1 EDB exploit
7.5
CVSSv2
CVE-2007-6292
SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Mwopen E-commerce 0
Mwopen E-commerce 1.4
1 EDB exploit
5
CVSSv2
CVE-2007-6395
Flat PHP Board 1.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain credentials via a direct request for the username php file for any user account in users/.
Flat Php Board
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »