Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6547
RunCMS prior to 1.6.1 does not require entry of the old password during a password change, which allows context-dependent malicious users to change passwords upon obtaining temporary access to a session.
Runcms Runcms
1 EDB exploit
NA
CVE-2008-0231
Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote malicious users to include and execute arbitrary fil...
Tuned Studios Orange Cutout
Tuned Studios Subwoofer
Tuned Studios Endless
Tuned Studios Freeze Theme
Tuned Studios Lonely Maple
Tuned Studios Music Theme
Tuned Studios Classic Theme
1 EDB exploit
NA
CVE-2008-0332
Directory traversal vulnerability in arias/help/effect.php in aria 0.99-6 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the page parameter.
Aria Aria 0.99-6
1 EDB exploit
NA
CVE-2008-0359
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) admin.php or (2) index.php in photo/.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
NA
CVE-2008-0360
Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote malicious users to execute arbitrary SQL commands via (1) the blogid parameter to index.php, (2) the user parameter to action.php, or (3) the field parameter to admin/plugins/table/index.php.
Blog Cms Blog Cms 4.2.1 C
1 EDB exploit
NA
CVE-2008-0612
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Xoops Xoops 2.0.18
1 EDB exploit
NA
CVE-2008-7084
Directory traversal vulnerability in the web server 1.0 in Velocity Security Management System allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI.
Hirschelectronics Velocity Security Management System 1.0
1 EDB exploit
NA
CVE-2008-3851
Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Windows allow remote malicious users to include and execute arbitrary local files via a ..\ (dot dot backslash) in the (1) blogpost, (2) cat, and (3) file parameters to data/inc/themes/predefined_variables.php, as...
Pluck Pluck 4.5.2
1 EDB exploit
NA
CVE-2008-0513
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector th...
Phpcms Phpcms 1.2.2
1 EDB exploit
NA
CVE-2008-0609
Directory traversal vulnerability in index.php in DivideConcept VHD Web Pack 2.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Divideconcept Vhd Web Pack 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »