Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bd0rk vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-5093
Directory traversal vulnerability in gastbuch.php in Gästebuch (Gastebuch) 1.6 allows remote malicious users to read arbitrary files via a .. (dot dot) in the start parameter.
Php4scripte Gastebuch 1.6
1 EDB exploit
NA
CVE-2006-6726
PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remote malicious users to execute arbitrary PHP code via a URL in the inews_path parameter.
Inertianews Inertianews 0.02
1 EDB exploit
NA
CVE-2006-6738
PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Cwm-design Cwmcounter
1 EDB exploit
NA
CVE-2006-6801
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the news_cfg[path] parameter.
Sh-news Sh-news 0.93
1 EDB exploit
NA
CVE-2006-6866
STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt.
Stphp Easynews 4.0
1 EDB exploit
NA
CVE-2006-6889
FreeStyle Wiki (fswiki) 3.6.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain passwords via a direct request for config/user.dat.
Freestyle Freestyle Wiki
1 EDB exploit
NA
CVE-2006-6890
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download passwords via a direct request for data/users.dat.
Voc-project Voodoo Chat 1.0 Rc1b
1 EDB exploit
NA
CVE-2007-0170
PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote malicious users to execute arbitrary PHP code via a URL in the AMV_serverpath parameter.
Allmyphp Allmyvisitors 0.4.0
1 EDB exploit
NA
CVE-2007-1720
Directory traversal vulnerability in addressbook.php in the Addressbook 1.2 module for PHP-Nuke allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module_name parameter, as demonstrated by injecting PHP sequences into an Apache HT...
Sb-websoft Addressbook 1.2
1 EDB exploit
NA
CVE-2007-1961
PHP remote file inclusion vulnerability in mutant_functions.php in the Mutant 0.9.2 portal for phpBB 2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Mutant 0.9.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »