Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0987
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
NA
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions prior to 2.5.12 allows remote malicious users to execute arbitrary SQL commands via an admin cookie.
Nukescripts Nukesentinel
1 EDB exploit
NA
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
NA
CVE-2008-0403
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote malicious users to read and modify configuration via a direct request to SaveCfgFile.cgi.
Belkin F5d9230-4
1 EDB exploit
NA
CVE-2006-2867
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the post parameter.
Coolforum Coolforum
1 EDB exploit
NA
CVE-2007-5125
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1171. Reason: This candidate is a duplicate of CVE-2007-1171. Notes: All CVE users should reference CVE-2007-1171 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
NA
CVE-2006-6254
administration/telecharger.php in Cahier de texte 2.0 allows remote malicious users to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte....
Cahier De Textes Cahier De Textes 2.0
Cahier De Textes Cahier De Textes
1 EDB exploit
NA
CVE-2006-6280
SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572.
O2php.com Oxygen
1 EDB exploit
NA
CVE-2006-2946
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote malicious users to obtain database username and password information.
Dmx Forum Dmx Forum
1 EDB exploit
NA
CVE-2006-2947
Dmx Forum 2.1a allows remote malicious users to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter.
Dmx Forum Dmx Forum 2.1a
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »