Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pepelux vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2008-4499
Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.
Php Web Explorer Php Web Explorer Lite
Php Web Explorer Php Web Explorer Lite 0.99a
2 EDB exploits
1000
VMScore
CVE-2008-4509
Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ro...
Foss Gallery Foss Gallery 1.0
3 EDB exploits
435
VMScore
CVE-2008-6012
Directory traversal vulnerability in index.php in Pritlog 0.4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action.
Hardkap Pritlog
Hardkap Pritlog 0.3
Hardkap Pritlog 0.2
1 EDB exploit
505
VMScore
CVE-2008-4146
Addalink 1.0 beta 4 and previous versions allows remote malicious users to (1) approve web-site additions via a modified approved field and (2) change the visit-counter value via a modified counter field.
Addalink Addalink
1 EDB exploit
505
VMScore
CVE-2011-0514
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote malicious users to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
Hp Data Protector Manager 6.11
1 EDB exploit
755
VMScore
CVE-2008-6001
index.php in ADN Forum 1.0b and previous versions allows remote malicious users to bypass authentication and gain sysop access via a fpusuario cookie composed of an initial sysop: string, an arbitrary password field, and a final :sysop:0 string.
Adnforum Adnforum
1 EDB exploit
515
VMScore
CVE-2008-6074
Directory traversal vulnerability in frame.php in phpcrs 2.06 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the importFunction parameter.
Phpcrs Phpcrs 2.05
Phpcrs Phpcrs 2.04
Phpcrs Phpcrs 2.01
Phpcrs Phpcrs 2.00
Phpcrs Phpcrs 2.03
Phpcrs Phpcrs 2.02
Phpcrs Phpcrs 1.01
Phpcrs Phpcrs
1 EDB exploit
755
VMScore
CVE-2008-6083
Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Txtshop Txtshop 1.0
1 EDB exploit
755
VMScore
CVE-2008-6180
SQL injection vulnerability in system/nlb_user.class.php in NewLife Blogger 3.0 and previous versions, and possibly 3.3.1, allows remote malicious users to execute arbitrary SQL commands via the nlb3 cookie.
Newlife Blogger Newlife Blogger
Newlife Blogger Newlife Blogger 3.3.1
1 EDB exploit
755
VMScore
CVE-2008-4341
add.php in MyBlog 0.9.8 and previous versions allows remote malicious users to bypass authentication and gain administrative access by setting a cookie with admin=yes and login=admin.
Myblog Myblog
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »