Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
romancyxhacker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6325
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote malicious users to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.
Fastpublish Fastpublish Cms 1.9999
1 EDB exploit
NA
CVE-2007-6347
PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote malicious users to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some ...
Viart Shop Evaluation 3.3.2
Viart Shop Free 3.3.2
Viart Helpdesk 3.3.2
Viart Cms 3.3.2
1 EDB exploit
NA
CVE-2007-6479
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, w...
Dokeos Dokeos 1.8.4
1 EDB exploit
NA
CVE-2008-1069
Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.
Quantum Game Library Quantum Game Library 0.7.2c
1 EDB exploit
NA
CVE-2009-0763
Cross-site scripting (XSS) vulnerability in default.php in Kipper 2.01 allows remote malicious users to inject arbitrary web script or HTML via the charm parameter.
Bookelves Kipper 2.01
1 EDB exploit
NA
CVE-2009-0764
Multiple cross-site scripting (XSS) vulnerabilities in Kipper 2.01 allow remote malicious users to inject arbitrary web script or HTML via the charm parameter to (1) index.php and (2) kipper.php. NOTE: the provenance of this information is unknown; the details are obtained solely...
Bookelves Kipper 2.01
1 EDB exploit
NA
CVE-2009-0766
Directory traversal vulnerability in default.php in Kipper 2.01 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained ...
Bookelves Kipper 2.01
1 EDB exploit
NA
CVE-2009-0767
Kipper 2.01 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a file containing credentials via a direct request for job/config.data.
Bookelves Kipper 2.01
1 EDB exploit
NA
CVE-2009-0765
Directory traversal vulnerability in index.php in Kipper 2.01 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the configfile parameter.
Bookelves Kipper 2.01
1 EDB exploit
NA
CVE-2008-2911
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Contenido 4.8.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) contenido, (2) Belang, and (3) username parameters.
Contenido Contendio 4.8.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »