Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3010
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.
Cutephp Cutenews
1 EDB exploit
NA
CVE-2005-3157
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote malicious users to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159.
Php Fusion Php Fusion 6.00.109
1 EDB exploit
NA
CVE-2005-3259
Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature,...
Versatilebulletinboard Versatilebulletinboard 1.0.0.rc2
1 EDB exploit
NA
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
NA
CVE-2006-0625
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and previous versions allows remote malicious users to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resulta...
Spip Spip 1.8.2d
Spip Spip 1.8.2e
Spip Spip 1.8.2g
1 EDB exploit
NA
CVE-2006-0644
Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Dragonfly CMS) 9.0.6.1 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in (1) the newlang parameter...
Cpg-nuke Dragonfly Cms 9.0.6 .1
1 EDB exploit
NA
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and previous versions, and 2.1 before RC-2a, allows remote malicious users to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
Gallery Project Gallery 2.0.3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.1 Rc1
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.1 Rc2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
1 EDB exploit
NA
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demo...
Alexander Palmo Simple Php Blog 0.4.6
Alexander Palmo Simple Php Blog 0.4.7
Alexander Palmo Simple Php Blog 0.4.0
Alexander Palmo Simple Php Blog 0.4.5
Alexander Palmo Simple Php Blog
1 EDB exploit
NA
CVE-2011-5034
Apache Geronimo 2.2.1 and previous versions computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE...
Apache Geronimo 2.1.5
Apache Geronimo 2.1.8
Apache Geronimo 1.0
Apache Geronimo 2.1.2
Apache Geronimo 2.1.6
Apache Geronimo 1.1
Apache Geronimo 2.2
Apache Geronimo 2.1.1
Apache Geronimo 1.1.1
Apache Geronimo 2.1
Apache Geronimo 2.1.3
Apache Geronimo 1.2
Apache Geronimo 2.1.4
Apache Geronimo
Apache Geronimo 2.0.1
Apache Geronimo 2.0.2
Apache Geronimo 2.1.7
1 EDB exploit
NA
CVE-2006-2065
SQL injection vulnerability in save.php in PHPSurveyor 0.995 and previous versions allows remote malicious users to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory tr...
Phpsurveyor Phpsurveyor 0.97 Beta
Phpsurveyor Phpsurveyor 0.98 Beta
Phpsurveyor Phpsurveyor 0.98 Stable
Phpsurveyor Phpsurveyor 0.99
Phpsurveyor Phpsurveyor 0.991
Phpsurveyor Phpsurveyor 0.992
Phpsurveyor Phpsurveyor 0.96 Beta
Phpsurveyor Phpsurveyor 0.993
Phpsurveyor Phpsurveyor 0.995
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »