Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2007-2647
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_...
Monalbum Monalbum 0.8.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-0245
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadimage 1.0
Uploadscript Uploadscript 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-2182
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote malicious users to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter.
Maran Php Forum
1 EDB exploit
7.5
CVSSv2
CVE-2007-2183
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote malicious users to execute arbitrary SQL commands via the ring parameter.
Php-ring Webring System 0.9
1 EDB exploit
7.5
CVSSv2
CVE-2007-1998
Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote malicious users to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.
Hiox India Guest Book 4.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-2094
PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the ads_file parameter.
Anthologia Anthologia 0.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-2145
The imagecomments function in classes.php in MiniGal b13 allows remote malicious users to inject arbitrary PHP code into a file in the thumbs/ directory via the input parameter. NOTE: some of these details are obtained from third party information.
Minigal Minigal B13
1 EDB exploit
7.8
CVSSv2
CVE-2007-2157
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Zomplog Zomplog 3.8
1 EDB exploit
7.5
CVSSv2
CVE-2007-2158
PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the G_JGALL[inc_path] parameter.
Kooijman-design Jgallery 1.3
1 EDB exploit
7.5
CVSSv2
CVE-2007-2168
Static code injection vulnerability in process.php in AimStats 3.2 and previous versions allows remote malicious users to inject PHP code into config.php via the databasehost parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...
Aimstats Aimstats
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »