Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
code injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1481
savesettings.php in phpGB 1.20 and previous versions does not require authentication, which allows remote malicious users to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
Phpgb Phpgb 1.10
Phpgb Phpgb 1.20
1 EDB exploit
NA
CVE-2007-1947
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension prior to 1.04 for Mozilla Firefox allows remote malicious users to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the...
Parakey Inc. Firebug
1 EDB exploit
NA
CVE-2012-5231
miniCMS 1.0 and 2.0 allows remote malicious users to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) update.php when writing files to content/, or (b) updatenews.php when writing f...
Jessgramp Minicms 1.0
Jessgramp Minicms 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2021-26599
ImpressCMS prior to 1.4.3 allows include/findusers.php groups SQL Injection.
Impresscms Impresscms
9.8
CVSSv3
CVE-2021-44734
Embedded web server input sanitization vulnerability in Lexmark devices through 2021-12-07, which can which can lead to remote code execution on the device.
Lexmark B2236 Firmware
Lexmark Mb2236 Firmware
Lexmark Ms431 Firmware
Lexmark Ms331 Firmware
Lexmark M1342 Firmware
Lexmark B3442 Firmware
Lexmark B3340 Firmware
Lexmark Xm1342 Firmware
Lexmark Mx331 Firmware
Lexmark Mx431 Firmware
Lexmark Mb3442 Firmware
Lexmark Ms321 Firmware
Lexmark Ms421 Firmware
Lexmark Ms521 Firmware
Lexmark Ms621 Firmware
Lexmark M1242 Firmware
Lexmark M1246 Firmware
Lexmark B2338 Firmware
Lexmark B2442 Firmware
Lexmark B2546 Firmware
Lexmark B2650 Firmware
Lexmark Ms622 Firmware
8.1
CVSSv3
CVE-2014-1632
htdocs/setup/index.php in Eventum prior to 2.3.5 allows remote malicious users to inject and execute arbitrary PHP code via the hostname parameter.
Eventum Project Eventum
1 EDB exploit
9.8
CVSSv3
CVE-2012-1495
install/index.php in WebCalendar prior to 1.2.5 allows remote malicious users to execute arbitrary code via the form_single_user_login parameter.
Webcalendar Project Webcalendar
2 EDB exploits
1 Github repository
NA
CVE-2011-2505
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote malicious users to modify the SESSION superglob...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
2 EDB exploits
NA
CVE-2011-2506
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x prior to 3.3.10.2 and 3.4.x prior to 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote malicious users to conduct static code injection attacks by leveraging the ability to modi...
Phpmyadmin Phpmyadmin 3.0.1.1
Phpmyadmin Phpmyadmin 3.2.1
Phpmyadmin Phpmyadmin 3.3.10.0
Phpmyadmin Phpmyadmin 3.1.4
Phpmyadmin Phpmyadmin 3.1.3
Phpmyadmin Phpmyadmin 3.3.8.1
Phpmyadmin Phpmyadmin 3.2.0
Phpmyadmin Phpmyadmin 3.3.10.1
Phpmyadmin Phpmyadmin 3.1.2
Phpmyadmin Phpmyadmin 3.1.0
Phpmyadmin Phpmyadmin 3.3.3.0
Phpmyadmin Phpmyadmin 3.0.0
Phpmyadmin Phpmyadmin 3.3.4.0
Phpmyadmin Phpmyadmin 3.3.9.2
Phpmyadmin Phpmyadmin 3.3.1.0
Phpmyadmin Phpmyadmin 3.3.7
Phpmyadmin Phpmyadmin 3.1.5
Phpmyadmin Phpmyadmin 3.1.1
Phpmyadmin Phpmyadmin 3.3.5.0
Phpmyadmin Phpmyadmin 3.3.0.0
Phpmyadmin Phpmyadmin 3.3.6
Phpmyadmin Phpmyadmin 3.3.2.0
2 EDB exploits
8.8
CVSSv3
CVE-2021-32924
Invision Community (aka IPS Community Suite) prior to 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock method interacts unsafely with the IPS\_Theme::runProcessFunction method.
Invisioncommunity Ips Community Suite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »