Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5311
Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.07 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter.
Torrenttrader Torrenttrader 1.07
1 EDB exploit
NA
CVE-2007-5312
Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote malicious users to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php.
Torrenttrader Torrenttrader 1.07
1 EDB exploit
NA
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
1 EDB exploit
NA
CVE-2006-4877
Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and previous versions allows remote malicious users to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the table_prefix parameter in (1) index.php, (...
David Bennett Php-post
1 EDB exploit
NA
CVE-2006-4987
Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) exam...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
NA
CVE-2006-4988
Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.php, and other unspec...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
NA
CVE-2006-5017
SQL injection vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote malicious users to execute arbitrary SQL commands via the from parameter.
E-vision E-vision Cms 1.0
1 EDB exploit
NA
CVE-2006-5104
SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote malicious users to execute arbitrary SQL commands via the templatesused parameter.
Jelsoft Vbulletin 2.3.8
Jelsoft Vbulletin 2.3.0
Jelsoft Vbulletin 2.3.2
Jelsoft Vbulletin 2.3.3
Jelsoft Vbulletin 2.3.4
1 EDB exploit
NA
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote malicious users to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array...
Ubbcentral Ubb.threads 6.5.1.1
1 EDB exploit
NA
CVE-2006-5411
Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and previous versions, allows remote malicious users to upload and execute arbitrary PHP programs.
Justin White Freewps
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »