Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s.w.a.t. vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
NA
CVE-2007-0573
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the racineTBS parameter.
Nsgalphp Nsgalphp 0.41
1 EDB exploit
NA
CVE-2007-5800
Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and previous versions plugin for WordPress allow remote malicious users to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate...
Tom Willmot Backupwordpress Plugin
1 EDB exploit
NA
CVE-2008-6900
Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th...
Availscript Availscript Article Script
1 EDB exploit
7.5
CVSSv3
CVE-2008-6157
SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which allows context-dependent malicious users to obtain sensitive information.
Sepcity Classified Ads -
1 EDB exploit
NA
CVE-2007-4978
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
Phpsyncml Phpsyncml
1 EDB exploit
NA
CVE-2008-3192
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Sclek Jsite 1.0
1 EDB exploit
NA
CVE-2008-7301
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sclek Jsite 1.0
1 EDB exploit
NA
CVE-2007-5573
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootdir parameter.
Limesurvey Limesurvey
1 EDB exploit
NA
CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Maian Guestbook
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »