Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php group vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-43851
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. SQL injection vulnerability exist in multiple files in Time Tracker version 1.19.33.5606 and prior due to not properly checking of the "group" and "status" parameters in ...
Anuko Time Tracker
NA
CVE-2015-83832016
PHP bundles the Perl-Compatible Regular Expressions (PCRE) library for RegExp parsing, which SecurityCenter implements. PHP 5.6.18 was released that fixes a variety of issues in the bundled PCRE library, that includes: CVE-2015-8383 - PCRE RegExp Repeated Conditional Group Handli...
6.5
CVSSv2
CVE-2020-26255
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers i...
Getkirby Kirby
Getkirby Panel
5
CVSSv2
CVE-2005-2162
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote malicious users to execute arbitrary PHP code via the lang parameter.
Levcgi.com Myguestbook 0.6.1
1 EDB exploit
7.8
CVSSv2
CVE-2019-1597
Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service...
Cisco Firepower Extensible Operating System
Cisco Nx-os
7.8
CVSSv2
CVE-2019-1598
Multiple vulnerabilities in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause an affected device to reload, resulting in a denial of service...
Cisco Firepower Extensible Operating System
Cisco Nx-os
7.5
CVSSv2
CVE-2005-1821
PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote malicious users to execute arbitrary PHP code via the incdir parameter to downloads.php.
Powerscripts.org Powerdownload 3.0.2
Powerscripts.org Powerdownload 3.0.3
1 EDB exploit
10
CVSSv2
CVE-2008-4439
PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio prior to 1.6.3 allows remote malicious users to execute arbitrary PHP code via a URL in the INSTALL_FOLDER parameter. NOTE: the provenance of this information is unknown; the details are ...
Martinwood Datafeed Studio
1 EDB exploit
6
CVSSv2
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
6.8
CVSSv2
CVE-2008-3770
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_top.php; (2) english/acco...
Openfreeway Freeway 1.4.1.171
8 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »