Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0764
Unrestricted file upload vulnerability in F3Site 2.1 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir param...
F3site F3site 2.1
1 EDB exploit
NA
CVE-2006-2682
PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter.
Back-end Back-end Cms 0.7.2.1
1 EDB exploit
NA
CVE-2006-2683
PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote malicious users to execute arbitrary PHP code via a URL in the REDSYS[MYPATH][TEMPLATES] parameter.
Open-medium Open-medium Cms 0.25
1 EDB exploit
NA
CVE-2006-1209
PHP Advanced Transfer Manager 1.00 up to and including 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote malicious users to download each password hash via a direct request for a users/[USERNAME]...
Bugada Andrea Php Advanced Transfer Manager 1.00
Bugada Andrea Php Advanced Transfer Manager 1.22
Bugada Andrea Php Advanced Transfer Manager 1.21
Bugada Andrea Php Advanced Transfer Manager 1.03
Bugada Andrea Php Advanced Transfer Manager 1.20
Bugada Andrea Php Advanced Transfer Manager 1.02
Bugada Andrea Php Advanced Transfer Manager 1.01
Bugada Andrea Php Advanced Transfer Manager 1.30
1 EDB exploit
NA
CVE-2006-2686
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, ...
Actionapps Actionapps 2.8.1
1 EDB exploit
NA
CVE-2006-4721
Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the language Cookie parameter, as demonstrated by executing PHP ...
Ccleague Pro Sports Cms 1.0.1 Rc1
1 EDB exploit
NA
CVE-2006-4770
PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the skiny parameter.
Miniportal Miniportal
1 EDB exploit
NA
CVE-2006-4065
Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko SAPID Gallery 1.0 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_calendar.inc.php or the (2) GLOBALS[root_path]...
Dmitry Sheiko Sapid Gallery
1 EDB exploit
NA
CVE-2006-4204
Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and possibly earlier allow remote malicious users to execute arbitrary PHP code via a URL in the (1) path_pre parameter in lib/specialdays.php and the (2) lib_path parameter in lib/dbman_filter.inc.php.
Phprojekt Phprojekt
1 EDB exploit
NA
CVE-2006-4237
PHP remote file inclusion vulnerability in pageheaderdefault.inc.php in Invisionix Roaming System Remote (IRSR) 0.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _sysSessionPath parameter.
Invisionix Systems Invisionix Roaming System Remote
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »