Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2833
admin/upload.php in le.cms 1.4 and previous versions allows remote malicious users to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload pa...
Worldlevel Le.cms
1 EDB exploit
NA
CVE-2008-2907
SQL injection vulnerability in admin/index.php in WebChamado 1.1, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the eml parameter.
Webchamado Webchamado 1.1
1 EDB exploit
NA
CVE-2005-0698
PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and previous versions allows remote malicious users to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that...
Jason Hines Phpweblog 0.4.2
Jason Hines Phpweblog 0.5.2
Jason Hines Phpweblog 0.5.1
Jason Hines Phpweblog 0.5
Jason Hines Phpweblog 0.5.3
1 EDB exploit
NA
CVE-2008-6815
mykdownload.php in MyKtools 2.4 does not require administrative authentication, which allows remote malicious users to read a database backup by making a direct request, and then sending an unspecified request to the download page for the backup.
Myktools Myktools 2.4
1 EDB exploit
NA
CVE-2008-5677
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and previous versions, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it...
Kwalbum Kwalbum 0.9.4
Kwalbum Kwalbum 0.6.8
Kwalbum Kwalbum 0.6.11
Kwalbum Kwalbum 0.6.6
Kwalbum Kwalbum 0.6.9
Kwalbum Kwalbum 0.5.4
Kwalbum Kwalbum 0.6.13
Kwalbum Kwalbum 2.0.1
Kwalbum Kwalbum 0.6.10
Kwalbum Kwalbum 0.9.2
Kwalbum Kwalbum 0.5.2
Kwalbum Kwalbum 0.6.0
Kwalbum Kwalbum 2.0.4
Kwalbum Kwalbum
Kwalbum Kwalbum 0.5.8
Kwalbum Kwalbum 0.6.14
Kwalbum Kwalbum 0.6.15
Kwalbum Kwalbum 2.0
Kwalbum Kwalbum 0.5.7
Kwalbum Kwalbum 0.6.12
Kwalbum Kwalbum 0.5.12
Kwalbum Kwalbum 0.9.1
1 EDB exploit
NA
CVE-2014-9261
The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote malicious users to read arbitrary files via a .. (dot dot) in the path parameter to index.php.
Codologic Codoforum 2.5.1
1 EDB exploit
9.1
CVSSv3
CVE-2021-46424
Telesquare TLR-2005KSH 1.0.0 is affected by an arbitrary file deletion vulnerability that allows a remote malicious user to delete any file, even system internal files, via a DELETE request.
Telesquare Tlr-2005ksh Firmware 1.0.0
NA
CVE-2014-9436
Absolute path traversal vulnerability in SysAid On-Premise prior to 14.4.2 allows remote malicious users to read arbitrary files via a \\\\ (four backslashes) in the fileName parameter to getRdsLogFile.
Sysaid Sysaid
1 EDB exploit
NA
CVE-2007-2725
The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote malicious users to overwrite arbitrary files via the SaveToFile function.
Db Soft Lab Dewizardx
1 EDB exploit
NA
CVE-2007-1303
Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Rrdbrowse Rrdbrowse
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »