Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6920
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
W2b Phpemployment 1.8
1 EDB exploit
6.5
CVSSv2
CVE-2008-6956
Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details ...
Infireal Mxcamarchive 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-5881
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to p...
Playsms Playsms 0.9.3
1 EDB exploit
4.3
CVSSv2
CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Ott Phpcksec 0.2
1 EDB exploit
9.3
CVSSv2
CVE-2008-2690
Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter to (1) kb.php, (2) login.php, (3) index.php, (4) contact_view.php, and ...
Browsercrm Browsercrm 5.002.00
1 EDB exploit
7.5
CVSSv2
CVE-2009-1846
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joomb...
Bjsintay Sitex 0.7 Beta
Bjsintay Sitex 0.7.3
Bjsintay Sitex
Bjsintay Sitex 0.7.3 Beta
Bjsintay Sitex 0.7.4 Beta
Bjsintay Sitex 0.7.2 Beta
Bjsintay Sitex 0.7.1 Beta
Bjsintay Sitex 0.6.4 Beta
1 EDB exploit
6.8
CVSSv2
CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
W2b Phpgreetcards 3.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-6921
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.
W2b Phpadboard 1.8
1 EDB exploit
7.5
CVSSv2
CVE-2008-6955
mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain configuration details and passwords via a direct request for archive/config.ini.
Infireal Mxcamarchive 2.2
1 EDB exploit
5
CVSSv2
CVE-2008-6869
Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for config/oramon.ini.
Oramon Oramon 2.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »