Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
muuratsalo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1170
Multiple PHP remote file inclusion vulnerabilities in KCWiki 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the page parameter to (1) minimal/wiki.php and (2) simplest/wiki.php.
Kcwiki Kcwiki 1.0
2 EDB exploits
8.8
CVSSv3
CVE-2011-4334
edit.php in LabWiki 1.1 and previous versions does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.
Labwiki Project Labwiki
1 EDB exploit
NA
CVE-2008-0559
Multiple directory traversal vulnerabilities in Nilson's Blogger 0.11 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the permalink parameter in core.php, accessed through index.php; and (2) the thispost parameter in commen...
Nilsons Blogger Nilsons Blogger 0.11
1 EDB exploit
NA
CVE-2008-0703
Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php.
Sflog Sflog
1 EDB exploit
NA
CVE-2008-0812
Directory traversal vulnerability in DMS/index.php in BanPro DMS 1.0 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the action parameter.
Banpro Net Banpro Dms 1.0
1 EDB exploit
NA
CVE-2008-0819
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Plutostatus Plutostatus Locator 1.0pre Alpha
1 EDB exploit
9.8
CVSSv3
CVE-2011-4094
Jara 1.6 has a SQL injection vulnerability.
Jara Project Jara 1.6
1 EDB exploit
6.1
CVSSv3
CVE-2011-4333
Multiple cross-site scripting (XSS) vulnerabilities in LabWiki 1.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) from parameter to index.php or the (2) page_no parameter to recentchanges.php.
Scilico Labwiki
1 EDB exploit
NA
CVE-2012-0869
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) prior to 20120215 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Ulli Horlacher Fex 20120201
Ulli Horlacher Fex 20120125
Ulli Horlacher Fex 20111129
Ulli Horlacher Fex 20111115
Ulli Horlacher Fex 20111108
Ulli Horlacher Fex 20110921
Ulli Horlacher Fex 20110920
Ulli Horlacher Fex 20110829
Ulli Horlacher Fex 20110826
Ulli Horlacher Fex 20110731
Ulli Horlacher Fex 20110730
Ulli Horlacher Fex 20110630
Ulli Horlacher Fex 20110627
Ulli Horlacher Fex 20110609
Ulli Horlacher Fex
Ulli Horlacher Fex 20120204
Ulli Horlacher Fex 20120102
Ulli Horlacher Fex 20111230
Ulli Horlacher Fex 20111013
Ulli Horlacher Fex 20111005
Ulli Horlacher Fex 20110906
Ulli Horlacher Fex 20110905
1 EDB exploit
NA
CVE-2011-5183
Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the where_clause parameter to (1) index.php, (2) index_long.php, or (3) index_short.php in ordering/interface_creator/.
Bioinformatics Ordersys 1.6.2
Bioinformatics Ordersys 1.6.1
Bioinformatics Ordersys 1.6
Bioinformatics Ordersys 1.5.6
Bioinformatics Ordersys 1.5.5
Bioinformatics Ordersys
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »