Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5421
WSN Forum 1.3.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been label...
Wsn Forum Wsn Forum
1 EDB exploit
6.4
CVSSv2
CVE-2006-5510
Directory traversal vulnerability in explorer_load_lang.php in PH Pexplorer 0.24 allows remote malicious users to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code.
Bluevirus-design Ph Pexplorer
1 EDB exploit
2.6
CVSSv2
CVE-2006-5511
Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote malicious users to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum ...
Jaxultrabb Jaxultrabb 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-5531
PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[path] parameter.
Ascended Development Ascended Guestbook
1 EDB exploit
7.5
CVSSv2
CVE-2006-5079
PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
Php Arena Pabugs
1 EDB exploit
7.5
CVSSv2
CVE-2006-5672
PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter.
Mysource Cms Mysource Cms
1 EDB exploit
5
CVSSv2
CVE-2006-5834
Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote malicious users to include arbitrary files via a .. (dot dot) sequence in the sLanguage Cookie parameter.
Opensolution Quick.cms.lite 0.3
1 EDB exploit
7.5
CVSSv2
CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote malicious users to execute arbitrary SQL commands via the submit parameter in an email action.
Simple Invoices Simple Invoices 2007-05-25
1 EDB exploit
7.5
CVSSv2
CVE-2007-1791
SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the cat parameter.
Alexscriptengine Picture-engine
1 EDB exploit
7.5
CVSSv2
CVE-2006-2998
PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the qb_path parameter.
Free Qboard Free Qboard 1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »