Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuffsaid vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2006-6042
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_bottom parameter.
Phpwebthings Phpwebthings
1 EDB exploit
515
VMScore
CVE-2006-5412
admin.php in PHP Outburst Easynews 4.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Php Outburst Easynews
1 EDB exploit
515
VMScore
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector...
Middlebury College Segue Cms 1.5.8
Middlebury College Segue Cms 1.3.5
Middlebury College Segue Cms
Middlebury College Segue Cms 1.5.7
1 EDB exploit
515
VMScore
CVE-2006-5730
PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this ...
Modxcms Modxcms 0.9.1
Modxcms Modxcms
1 EDB exploit
755
VMScore
CVE-2006-5837
Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote malicious users to inject arbitrary PHP code into chat_log.php via the msg parameter.
Simplechat Simplechat 1.0.0
1 EDB exploit
685
VMScore
CVE-2007-3141
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042.
Phpwebthings Phpwebthings 1.5.2
1 EDB exploit
685
VMScore
CVE-2006-6686
PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote malicious users to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
Textsend Textsend
1 EDB exploit
755
VMScore
CVE-2006-6720
PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the _VIEW parameter.
Azucar Cms Azucar Cms 1.3
1 EDB exploit
755
VMScore
CVE-2006-6739
PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote malicious users to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689.
Paristemi Paristemi 0.8.3
1 EDB exploit
755
VMScore
CVE-2006-6760
Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter.
Phpmymanga Phpmymanga 0.8
Phpmymanga Phpmymanga 0.5
Phpmymanga Phpmymanga 0.6
Phpmymanga Phpmymanga
Phpmymanga Phpmymanga 0.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »