Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s.w.a.t. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3317
admin/index.php in Maian Search 1.1 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary search_cookie cookie.
Maian Script World Maian Search 1.0
Maian Script World Maian Search
1 EDB exploit
NA
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2007-4757
PHP remote file inclusion vulnerability in menu.php in phpMytourney allows remote malicious users to execute arbitrary PHP code via a URL in the functions_file parameter.
Phpmytourney Phpmytourney
1 EDB exploit
NA
CVE-2008-0501
Directory traversal vulnerability in phpMyClub 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI.
Sourceforge Phpmyclub 0.0.1
1 EDB exploit
NA
CVE-2007-5573
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootdir parameter.
Limesurvey Limesurvey
1 EDB exploit
NA
CVE-2008-3749
SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Banner Management Script
1 EDB exploit
NA
CVE-2007-0573
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the racineTBS parameter.
Nsgalphp Nsgalphp 0.41
1 EDB exploit
NA
CVE-2007-6137
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote malicious users to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
P3mbo Content Injector 1.52
1 EDB exploit
NA
CVE-2007-6394
SQL injection vulnerability in index.php in Content Injector 1.53 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an expand action.
P3mbo Content Injector 1.53
1 EDB exploit
NA
CVE-2008-6150
SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Sepcity Classified Ads -
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »