Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost hacker vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2008-4670
Cross-site scripting (XSS) vulnerability in search.php in Ed Pudol Clickbank Portal allows remote malicious users to inject arbitrary web script or HTML via the search box. NOTE: the provenance of this information is unknown; the details are obtained solely from third party infor...
Ed Putal Clickbank Portal
1 EDB exploit
435
VMScore
CVE-2008-4672
Cross-site scripting (XSS) vulnerability in search_results.php in buymyscripts Lyrics Script allows remote malicious users to inject arbitrary web script or HTML via the k parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third p...
Goodlyrics Lyrics Script
1 EDB exploit
755
VMScore
CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from...
Iyziforum Iyzi Forum 1.0
1 EDB exploit
505
VMScore
CVE-2008-5932
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtai...
Codeavalanche Freeforum Nil
1 EDB exploit
505
VMScore
CVE-2008-3293
Directory traversal vulnerability in download.php in EZWebAlbum allows remote malicious users to read arbitrary files via the dlfilename parameter.
Ezwebalbum Ezwebalbum 1.0
1 EDB exploit
755
VMScore
CVE-2008-3401
PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Random Ad (HRA) 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the hm parameter.
Hscripts Hiox Random Ad 1.3
1 EDB exploit
435
VMScore
CVE-2008-3448
Cross-site scripting (XSS) vulnerability in index.php in common solutions csphonebook 1.02 allows remote malicious users to inject arbitrary web script or HTML via the letter parameter.
Common-solutions Csphonebook 1.02
1 EDB exploit
685
VMScore
CVE-2008-3127
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the hm parameter.
Hiox India Banner Rotator 1.3
1 EDB exploit
755
VMScore
CVE-2008-7087
PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the LIBPATH parameter.
Openpro Openpro 1.3.1
1 EDB exploit
505
VMScore
CVE-2008-5572
Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for database/downloads.mdb.
Dotnetindex Professional Download Assistant 0.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »