Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gold_m vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2007-1577
Directory traversal vulnerability in index.php in GeBlog 0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[tplname] parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is t...
Geblog Geblog 0.1
1 EDB exploit
1000
VMScore
CVE-2007-1620
Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[DRIVER] p...
Php Db Designer Php Db Designer
1 EDB exploit
685
VMScore
CVE-2008-1068
Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, diff...
Portail Web Php Portail Web Php
1 EDB exploit
505
VMScore
CVE-2008-1125
Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php.
Podcast Generator Podcast Generator
1 EDB exploit
685
VMScore
CVE-2007-6553
Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandl...
George Lewe Teamcal Pro
1 EDB exploit
685
VMScore
CVE-2008-0503
Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote malicious users to execute arbitrary PHP code via the filedata parameter.
Netwerk Smart Publisher 1.0.1
1 EDB exploit
755
VMScore
CVE-2007-2043
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia (com_mosmedia) 1.08 and previous versions module for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) med...
Avant-garde Solutions Mosmedia
1 EDB exploit
1000
VMScore
CVE-2007-2200
Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote malicious users to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.
Pagode Pagode 0.5.8
1 EDB exploit
755
VMScore
CVE-2007-2301
Multiple PHP remote file inclusion vulnerabilities in audioCMS arash 0.1.4 allow remote malicious users to execute arbitrary PHP code via a URL in the arashlib_dir parameter to (1) edit.inc.php and (2) list_features.inc.php in arash_lib/include, and (3) arash_gadmin.class.php and...
Arash Audiocms 0.1.4
1 EDB exploit
755
VMScore
CVE-2007-2307
PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter.
Webkalk2 Webkalk2 1.9.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »