Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuffsaid vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5837
Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote malicious users to inject arbitrary PHP code into chat_log.php via the msg parameter.
Simplechat Simplechat 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-5433
PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter.
Timm Maass Alice Cms 0.1
1 EDB exploit
5.1
CVSSv2
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector...
Middlebury College Segue Cms 1.5.8
Middlebury College Segue Cms
Middlebury College Segue Cms 1.3.5
Middlebury College Segue Cms 1.5.7
1 EDB exploit
5.1
CVSSv2
CVE-2006-5412
admin.php in PHP Outburst Easynews 4.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Php Outburst Easynews
1 EDB exploit
2.6
CVSSv2
CVE-2006-5432
Multiple direct static code injection vulnerabilities in db/txt.inc.php in phpPowerCards 2.10, when register_globals is enabled, allow remote malicious users to create or overwrite arbitrary files via the (1) email[to], (2) email[from], (3) name[to], (4) name[from], (5) picture, ...
Marc Giombetti Phppowercards 2.10
1 EDB exploit
7.5
CVSSv2
CVE-2006-5497
PHP remote file inclusion vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the themesdir parameter.
Middlebury College Segue Cms
1 EDB exploit
6.8
CVSSv2
CVE-2006-6042
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_bottom parameter.
Phpwebthings Phpwebthings
1 EDB exploit
6.8
CVSSv2
CVE-2006-6686
PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote malicious users to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
Textsend Textsend
1 EDB exploit
7.5
CVSSv2
CVE-2006-6710
Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.p...
Matteolucarelli Pgmreloaded
Matteolucarelli Pgmreloaded 0.7.1
Matteolucarelli Pgmreloaded 0.7
Matteolucarelli Pgmreloaded 0.8.2
Matteolucarelli Pgmreloaded 0.8.1
Matteolucarelli Pgmreloaded 0.5
Matteolucarelli Pgmreloaded 0.8
Matteolucarelli Pgmreloaded 0.7.3
Matteolucarelli Pgmreloaded 0.8.4
Matteolucarelli Pgmreloaded 0.8.3
Matteolucarelli Pgmreloaded 0.6.2
Matteolucarelli Pgmreloaded 0.6
1 EDB exploit
6.8
CVSSv2
CVE-2006-6770
Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Jukebox 2.7 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter in (1) popup.php, (2) rss.php, (3) ajax_requ...
Jinzora Jinzora 2.0.1
Jinzora Jinzora
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »