Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s.w.a.t. vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3320
admin/index.php in Maian Guestbook 3.2 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary gbook_cookie cookie.
Maian Guestbook
1 EDB exploit
7.5
CVSSv2
CVE-2008-3321
admin/index.php in Maian Uploader 4.0 and previous versions allows remote malicious users to bypass authentication and gain administrative access by sending an arbitrary uploader_cookie cookie.
Maian Script World Maian Uploader
1 EDB exploit
6.8
CVSSv2
CVE-2007-5573
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootdir parameter.
Limesurvey Limesurvey
1 EDB exploit
6.8
CVSSv2
CVE-2007-5592
Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the Setting[OPT_includepath] parameter to (1) adminhelp.php; and (2) admin.incl.php, (3) reg.incl.php, (4) help.inc...
Awzmb Awzmb 4.2 Beta1
1 EDB exploit
7.5
CVSSv2
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
7.5
CVSSv2
CVE-2007-4978
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
Phpsyncml Phpsyncml
1 EDB exploit
7.5
CVSSv2
CVE-2008-7301
SQL injection vulnerability in admin/login.php in jSite 1.0 OE allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sclek Jsite 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-5800
Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and previous versions plugin for WordPress allow remote malicious users to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate...
Tom Willmot Backupwordpress Plugin
1 EDB exploit
7.5
CVSSv2
CVE-2007-6394
SQL injection vulnerability in index.php in Content Injector 1.53 allows remote malicious users to execute arbitrary SQL commands via the id parameter in an expand action.
P3mbo Content Injector 1.53
1 EDB exploit
6.8
CVSSv2
CVE-2008-3192
Directory traversal vulnerability in index.php in jSite 1.0 OE allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
Sclek Jsite 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »