Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
omni vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2007
admin.php in pL-PHP beta 0.9 allows remote malicious users to bypass authentication by setting the is_admin parameter to 1.
Pl-php Pl-php 0.9 Beta
1 EDB exploit
NA
CVE-2007-2008
Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Pl-php Pl-php 0.9 Beta
1 EDB exploit
NA
CVE-2007-6234
index.php in FTP Admin 0.1.0 allows remote malicious users to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account.
Ftp Admin Ftp Admin 0.1.0
1 EDB exploit
NA
CVE-2008-0632
Unrestricted file upload vulnerability in cp_upload_image.php in LightBlog 9.5 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the blog's root directory.
Lightblog Lightblog 9.5
1 EDB exploit
NA
CVE-2007-1433
Cross-site scripting (XSS) vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, allows remote malicious users to inject arbitrary web script or HTML via the comment fields to (1) scripts/addblog_comment.php and (2) detail.php.
Grayscale Grayscale Blog
1 EDB exploit
NA
CVE-2007-2305
Multiple SQL injection vulnerabilities in authenticate.php in Quick and Dirty Blog (QDBlog) 0.4, and possibly earlier, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Qdblog Qdblog
1 EDB exploit
NA
CVE-2007-2503
Directory traversal vulnerability in turbulence.php in PHP Turbulence 0.0.1 alpha allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tcore] parameter. NOTE: this vulnerability is disputed by CVE and a reliable third party ...
Php Turbulence Php Turbulence 0.0.1 Alpha
1 EDB exploit
NA
CVE-2007-1434
SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php.
Grayscale Grayscale Blog
1 EDB exploit
NA
CVE-2007-1432
Grayscale Blog 0.8.0, and possibly earlier versions, allows remote malicious users to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks...
Grayscale Grayscale Blog
1 EDB exploit
NA
CVE-2007-6232
Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote malicious users to inject arbitrary web script or HTML via the error parameter in an error page action.
Ftp Admin 0.1.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »