Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pepelux vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2008-4499
Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.
Php Web Explorer Php Web Explorer Lite
Php Web Explorer Php Web Explorer Lite 0.99a
2 EDB exploits
10
CVSSv2
CVE-2008-4509
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ro...
Foss Gallery Foss Gallery 1.0
3 EDB exploits
7.5
CVSSv2
CVE-2008-6001
index.php in ADN Forum 1.0b and previous versions allows remote malicious users to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field, and a final :sysop:0 string.
Adnforum Adnforum
1 EDB exploit
5.1
CVSSv2
CVE-2008-6074
Directory traversal vulnerability in frame.php in phpcrs 2.06 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the importFunction parameter.
Phpcrs Phpcrs 2.05
Phpcrs Phpcrs 2.04
Phpcrs Phpcrs 2.01
Phpcrs Phpcrs 2.00
Phpcrs Phpcrs 2.03
Phpcrs Phpcrs 2.02
Phpcrs Phpcrs 1.01
Phpcrs Phpcrs
1 EDB exploit
7.5
CVSSv2
CVE-2008-6083
Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Txtshop Txtshop 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-4484
main.php in Crux Gallery 1.32 and previous versions allows remote malicious users to gain administrative access by setting the name parameter to "users," as demonstrated via index.php.
Crux Software Gallery 1.31
Crux Software Gallery 1.30
Crux Software Gallery 1.2
Crux Software Gallery 1.1
Crux Software Gallery 1.0
Crux Software Gallery
Crux Software Gallery 1.32
1 EDB exploit
5
CVSSv2
CVE-2011-0514
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote malicious users to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
Hp Data Protector Manager 6.11
1 EDB exploit
4.3
CVSSv2
CVE-2008-6012
Directory traversal vulnerability in index.php in Pritlog 0.4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action.
Hardkap Pritlog
Hardkap Pritlog 0.3
Hardkap Pritlog 0.2
1 EDB exploit
6.8
CVSSv2
CVE-2008-7024
admin.php in Arz Development The Gemini Portal 4.7 and previous versions allows remote malicious users to bypass authentication and gain administrator privileges by setting the user cookie to "admin" and setting the name parameter to "users."
Arzdev Gemini Lite 3.6
Arzdev Gemini Portal 4.7
Arzdev Gemini Lite 3.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-7026
Unrestricted file upload vulnerability in filesystem3.class.php in eFront 3.5.1 build 2710 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the fi...
Efrontlearning Efront 3.5.0
Efrontlearning Efront 3.1.4
Efrontlearning Efront 3.1.3
Efrontlearning Efront
Efrontlearning Efront 3.1.2
Efrontlearning Efront 3.1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »