Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bd0rk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6801
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the news_cfg[path] parameter.
Sh-news Sh-news 0.93
1 EDB exploit
NA
CVE-2007-0170
PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote malicious users to execute arbitrary PHP code via a URL in the AMV_serverpath parameter.
Allmyphp Allmyvisitors 0.4.0
1 EDB exploit
NA
CVE-2011-4572
Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a ...
Codefuture Cf Image Hosting Script 1.4.1
Codefuture Cf Image Hosting Script 1.3.82
1 EDB exploit
NA
CVE-1999-0953
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
Matt Wright Wwwboard 2.0 Alpha 2.1
1 EDB exploit
NA
CVE-2007-2493
PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and previous versions module for mxBB allows remote malicious users to execute arbitrary PHP code via a URL in the module_root_path parameter.
Mxbb Mxbb Faq
Mxbb Mxbb Rules
1 EDB exploit
NA
CVE-2006-6890
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download passwords via a direct request for data/users.dat.
Voc-project Voodoo Chat 1.0 Rc1b
1 EDB exploit
NA
CVE-2007-0489
PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Visohotlink Visohotlink
1 EDB exploit
NA
CVE-2007-5178
contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote malicious users to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in th...
Mxbb Mx Glance 2.3.3
1 EDB exploit
NA
CVE-2007-6655
PHP remote file inclusion vulnerability in includes/function.php in Kontakt Formular 1.4 allows remote malicious users to execute arbitrary PHP code via a URL in the root_path parameter.
Matpo Bilder Galerie Kontakt Formular 1.4
1 EDB exploit
NA
CVE-2007-1539
Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote malicious users to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
Pragmamx Landkarten 2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »