Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2007-5312
Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote malicious users to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php.
Torrenttrader Torrenttrader 1.07
1 EDB exploit
505
VMScore
CVE-2007-5306
ELSEIF CMS Beta 0.6 allows remote malicious users to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
505
VMScore
CVE-2006-4875
Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows remote malicious users to upload picture files, and possibly files with arbitrary extensions, to gallery/albums/public.
Jupiter Cms Jupiter Cms
1 EDB exploit
435
VMScore
CVE-2006-4881
Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the replyuser parameter in (a) pm.php; (2) the txt_jumpto parameter in (b) dropdown.php; the ...
David Bennett Php-post
1 EDB exploit
435
VMScore
CVE-2006-4988
Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.php, and other unspec...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
755
VMScore
CVE-2006-5104
SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote malicious users to execute arbitrary SQL commands via the templatesused parameter.
Jelsoft Vbulletin 2.3.0
Jelsoft Vbulletin 2.3.8
Jelsoft Vbulletin 2.3.2
Jelsoft Vbulletin 2.3.4
Jelsoft Vbulletin 2.3.3
1 EDB exploit
755
VMScore
CVE-2006-6552
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
Php Blog Cms 4.1.3
1 EDB exploit
755
VMScore
CVE-2006-4987
Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) exam...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
505
VMScore
CVE-2006-4989
Patrick Michaelis Wili-CMS allows remote malicious users to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, w...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
755
VMScore
CVE-2006-5017
SQL injection vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote malicious users to execute arbitrary SQL commands via the from parameter.
E-vision E-vision Cms 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »