Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
the_edit0r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6211
Multiple cross-site scripting (XSS) vulnerabilities in BirdBlog 1.4.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) msg parameter to (a) admin/admincore.php, the (2) month parameter to (b) admin/comments.php or (c) admin/entries.php, or the (3) p...
Birdblog Birdblog 1.4.0
4 EDB exploits
NA
CVE-2007-2300
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3...
Surat Kabar Phpwebnews 0.1
Surat Kabar Phpwebnews 0.2
3 EDB exploits
NA
CVE-2007-1248
Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php.
Built2go News Manager Blog 1.0
2 EDB exploits
NA
CVE-2006-6951
Cross-site scripting (XSS) vulnerability in blog.php in OdysseusBlog allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Odysseus Blog Odysseus Blog
1 EDB exploit
NA
CVE-2007-1928
Directory traversal vulnerability in index.php in witshare 0.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the menu parameter.
Witshare Witshare 0.9
1 EDB exploit
NA
CVE-2007-2857
PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote malicious users to execute arbitrary PHP code via a URL in the parser_path parameter.
Zakkis Technology Corporation Php Excel Parser
1 EDB exploit
NA
CVE-2007-1968
PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 up to and including 1.6, allows remote malicious users to execute arbitrary PHP code via a URL in the scoreid parameter.
Sam Crew Myblog 1.6
Sam Crew Myblog 1.4
Sam Crew Myblog 1.5
Sam Crew Myblog 1.0
Sam Crew Myblog 1.1
Sam Crew Myblog 1.2
Sam Crew Myblog 1.3
1 EDB exploit
NA
CVE-2007-2256
Cross-site scripting (XSS) vulnerability in you.php in TJSChat 0.95 allows remote malicious users to inject arbitrary web script or HTML via the user parameter.
Tjschat Tjschat 0.95
1 EDB exploit
NA
CVE-2007-2308
Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 allows remote malicious users to inject arbitrary web script or HTML via the rok parameter.
Flowers Flowers 2.0
1 EDB exploit
NA
CVE-2007-2310
Cross-site scripting (XSS) vulnerability in plugins/spaw/img_popup.php in BloofoxCMS 0.2.2 allows remote malicious users to inject arbitrary web script or HTML via the img_url parameter.
Bloofoxcms Bloofoxcms 0.2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »