Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1347
SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
Greg Neustaetter Gcards
1 EDB exploit
NA
CVE-2006-1348
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be res...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
NA
CVE-2006-1371
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and previous versions allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
Xhp Cms
1 EDB exploit
NA
CVE-2006-1480
Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote malicious users to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (...
Duda Webalbum
1 EDB exploit
NA
CVE-2006-1495
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote malicious users to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
Phpcollab Phpcollab 2.5.rc3
Netoffice Netoffice 2.5.3 Pl1
Phpcollab Phpcollab 2.4
1 EDB exploit
NA
CVE-2006-2516
mainfile.php in XOOPS 2.0.13.2 and previous versions, when register_globals is enabled, allows remote malicious users to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to mi...
Xoops Xoops 2.0
Xoops Xoops 2.0.4
Xoops Xoops 2.0.5
Xoops Xoops 2.0.9.3
Xoops Xoops
Xoops Xoops 2.0.11
Xoops Xoops 2.0.12 Jp
Xoops Xoops 2.0.6
Xoops Xoops 2.0.7
Xoops Xoops 2.0.13.1
Xoops Xoops 2.0.2
Xoops Xoops 2.0.3
Xoops Xoops 2.0.9
Xoops Xoops 2.0.9.2
Xoops Xoops 2.0.1
Xoops Xoops 2.0.10
Xoops Xoops 2.0.5.1
Xoops Xoops 2.0.5.2
1 EDB exploit
NA
CVE-2006-2583
PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter.
Nucleus Group Nucleus Cms
1 EDB exploit
NA
CVE-2006-2667
Direct static code injection vulnerability in WordPress 2.0.2 and previous versions allows remote malicious users to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1...
Wordpress Wordpress
1 EDB exploit
NA
CVE-2006-2459
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter.
Php Fusion Php Fusion 6.00.307
Php Fusion Php Fusion 6.00.306
1 EDB exploit
NA
CVE-2006-2460
Sugar Suite Open Source (SugarCRM) 4.2 and previous versions, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote malicious users to conduct attacks such as directory traversal or PHP remote ...
Sugarcrm Sugarcrm 3.5
Sugarcrm Sugarcrm 4.0
Sugarcrm Sugarcrm 4.1
Sugarcrm Sugarcrm 4.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »