Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
charles fol vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1495
Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and previous versions, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by (1) image/gif an...
Peel Peel 2.6
Peel Peel 2.7
Peel Peel 1.0b
1 EDB exploit
NA
CVE-2008-1496
Multiple SQL injection vulnerabilities in PEEL, possibly 3.x and previous versions, allow remote malicious users to execute arbitrary SQL commands via the (1) email parameter to (a) membre.php, and the (2) timestamp parameter to (b) the details action in achat/historique_commande...
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
1 EDB exploit
NA
CVE-2008-1506
PEEL, possibly 3.x and previous versions, allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
Peel Peel
1 EDB exploit
NA
CVE-2008-1507
PEEL, possibly 3.x and previous versions, has (1) a default info@peel.fr account with password admin, and (2) a default contact@peel.fr account with password cinema, which allows remote malicious users to gain administrative access.
Peel Peel
Peel Peel 1.0b
Peel Peel 2.6
Peel Peel 2.7
1 EDB exploit
NA
CVE-2008-6833
Directory traversal vulnerability in commsrss.php in fuzzylime (cms) prior to 3.01b allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in a files array element for a blogs action, as demonstrated by the files[0] parameter.
Fuzzylime Fuzzylime \\(cms\\) 3.0.1a
Fuzzylime Fuzzylime \\(cms\\) 3.0
Fuzzylime Fuzzylime \\(cms\\) 3.0.1
1 EDB exploit
7.5
CVSSv3
CVE-2012-1563
Joomla! prior to 2.5.3 allows Admin Account Creation.
Joomla Joomla\\!
1 EDB exploit
NA
CVE-2008-7123
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 up to and including 2.3 allows remote malicious users to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the ...
Zkup Zkup 2.0
Zkup Zkup 2.01
Zkup Zkup 2.02
Zkup Zkup 2.03
1 EDB exploit
NA
CVE-2008-6657
Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote malicious users to hijack the authentication of admins for requests that install packages via the package parameter in an install2 ...
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.1.6
1 EDB exploit
NA
CVE-2008-6658
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action...
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
NA
CVE-2008-1295
SQL injection vulnerability in archives.php in Gregory Kokanosky (aka Greg's Place) phpMyNewsletter 0.8 beta 5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the msg_id parameter.
Gregory Kokanosky Phpmynewsletter
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »