Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mark stanislav vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2010-4313
Unrestricted file upload vulnerability in fileman_file_upload.php in Orbis CMS 1.0.2 allows remote authenticated users to execute arbitrary code by uploading a .php file, and then accessing it via a direct request to the file in uploads/.
Novo-ws Orbis Cms 1.0.2
1 EDB exploit
5
CVSSv2
CVE-2012-1670
admin/index.php in PHP Grade Book prior to 1.9.5 BETA allows remote malicious users to read the database via a SaveSQL action.
Phpgradebook Php Grade Book
Phpgradebook Php Grade Book 1.9.3
1 EDB exploit
6.8
CVSSv2
CVE-2012-1671
Directory traversal vulnerability in index.php in phpPaleo 4.8b155 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Nicolas Tormo Phppaleo
1 EDB exploit
7.5
CVSSv2
CVE-2012-1673
SQL injection vulnerability in loginscript.php in e-ticketing allows remote malicious users to execute arbitrary SQL commands via the password parameter.
Ola Lasisi E-ticketing -
1 EDB exploit
10
CVSSv2
CVE-2013-6236
IZON IP 2.0.2: hard-coded password vulnerability
Izoncam Izon Ip Firmware 2.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-6665
Directory traversal vulnerability in index.php in phpMoneyBooks 1.0.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter, a different vulnerability than CVE-2012-1669. NOTE: the provenance of this information is unknown; the details are...
Phpmoneybooks Phpmoneybooks 1.0.4
1 EDB exploit
6.8
CVSSv2
CVE-2012-5386
Directory traversal vulnerability in index.php in phpPaleo 4.8b180 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the phppaleo4_lang cookie, a different vulnerability than CVE-2012-1671. NOTE: the provenance of this information is...
Nicolas Tormo Phppaleo 4.8b180
1 EDB exploit
7.5
CVSSv2
CVE-2010-4298
SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote malicious users to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
Dustincowell Free Simple Software 1.0
2 EDB exploits
7.5
CVSSv2
CVE-2010-3307
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menu_left, or (5) menu_right parameter.
Dustincowell Free Simple Cms 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2