Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mhz91 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1123
Multiple PHP remote file inclusion vulnerabilities in SiteBuilder Elite 1.2 allow remote malicious users to execute arbitrary PHP code via a URL in the CarpPath parameter to (1) files/carprss.php and (2) files/amazon-bestsellers.php.
Sitebuilder Sitebuilder Elite 1.2
1 EDB exploit
NA
CVE-2008-1126
PHP remote file inclusion vulnerability in main.php in Barryvan Compo Manager 0.3 allows remote malicious users to execute arbitrary PHP code via a URL in the pageURL parameter.
Barryvan Compo Barryvan Compo Manager 0.3
1 EDB exploit
NA
CVE-2007-6639
SQL injection vulnerability in index.php in IPTBB 0.5.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter in a viewdir action.
Iptbb Team Iptbb 0.5.4
1 EDB exploit
NA
CVE-2008-6064
Multiple SQL injection vulnerabilities in DomPHP 0.81 allow remote malicious users to execute arbitrary SQL commands via the cat parameter to agenda/index.php, and unspecified other vectors.
Domphp Domphp 0.81
1 EDB exploit
NA
CVE-2007-6476
GF-3XPLORER 2.4 allows remote malicious users to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
Gf 3xplorer Gf 3xplorer 2.4
1 EDB exploit
NA
CVE-2007-6576
Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and previous versions allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php.
Adultscript Adultscript
1 EDB exploit
NA
CVE-2008-1313
Multiple SQL injection vulnerabilities in index.php in Bloo 1.00 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) post_id, (2) post_category_id, (3) post_year_month, and (4) static_page_id parameters; and unspecified other vectors.
Bill Roberts Bloo
1 EDB exploit
NA
CVE-2007-6557
Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote malicious users to execute arbitrary SQL commands via the ItemID parameter to (1) comments.php, (2) view.php, (3) siteadmin/ViewItem.php, and unspecified other vectors.
Megacheatz Megacheatz 1.1
1 EDB exploit
NA
CVE-2007-6632
showCode.php in xml2owl 0.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the path parameter.
Xml2owl Xml2owl 0.1.1
1 EDB exploit
NA
CVE-2008-0249
PHP Webquest 2.6 allows remote malicious users to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
Phpwebquest Phpwebquest 2.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »