Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-2094
PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the ads_file parameter.
Anthologia Anthologia 0.5.2
1 EDB exploit
755
VMScore
CVE-2007-2145
The imagecomments function in classes.php in MiniGal b13 allows remote malicious users to inject arbitrary PHP code into a file in the thumbs/ directory via the input parameter. NOTE: some of these details are obtained from third party information.
Minigal Minigal B13
1 EDB exploit
755
VMScore
CVE-2007-5050
Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the q parameter.
Neuron News Neuron News 1.0
1 EDB exploit
1000
VMScore
CVE-2008-0246
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadscript 1.0
Uploadscript Uploadimage 1.0
1 EDB exploit
505
VMScore
CVE-2007-2574
Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote malicious users to read arbitrary files via a .. (dot dot) in the index parameter.
Archangelmgt Weblog 0.90.02
1 EDB exploit
655
VMScore
CVE-2007-2647
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_...
Monalbum Monalbum 0.8.7
1 EDB exploit
755
VMScore
CVE-2007-2899
Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 allows remote malicious users to inject arbitrary PHP code into data/config.php via multiple parameters, as demonstrated via the threadperpage parameter in an editconfig action.
Navboard Navboard 16
1 EDB exploit
505
VMScore
CVE-2005-2412
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote malicious users to execute arbitrary PHP code via the Include parameter.
Php Firstpost Php Firstpost
1 EDB exploit
755
VMScore
CVE-2008-0245
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadimage 1.0
Uploadscript Uploadscript 1.0
1 EDB exploit
755
VMScore
CVE-2007-3403
Unrestricted file upload vulnerability in upload.php in dreamLog (aka dreamblog) 0.5 allows remote malicious users to upload and execute arbitrary PHP code in uploads/images/ via the uploadedFile[] parameter.
Dreamlog Dreamlog 0.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »