Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5914
Direct static code injection vulnerability in dirsys/modules/config/post.php in JBC Explorer 7.20 RC1 and previous versions allows remote authenticated administrators to inject arbitrary PHP code via the DEBUG parameter, which can be executed by accessing config.inc.php. NOTE: th...
Jean Charles Jbc Explorer
1 EDB exploit
NA
CVE-2007-0598
SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote malicious users to execute arbitrary SQL commands via the fid cookie to forum.php.
Aztek Forum Aztek Forum 4.0
1 EDB exploit
NA
CVE-2006-5085
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote malicious users to execute arbitrary PHP code via the nom_blog parameter, which is injected into include/variables.php.
Pixel Motion Pixel Motion Blog 2.1.1
1 EDB exploit
NA
CVE-2006-5086
Blog Pixel Motion 2.1.1 allows remote malicious users to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but i...
Pixel Motion Pixel Motion Blog 2.1.1
1 EDB exploit
NA
CVE-2006-4479
Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via the subgroupname parameter.
Visualshapers Ezcontents 2.0.3
1 EDB exploit
NA
CVE-2006-5318
PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote malicious users to execute arbitrary PHP code via an FTP URL in the section parameter.
Nayco Jasmine
1 EDB exploit
NA
CVE-2006-4478
SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote malicious users to execute arbitrary SQL commands via the groupname parameter.
Visualshapers Ezcontents 2.0.3
1 EDB exploit
NA
CVE-2006-4586
The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modif_profil.php, and changing a password ...
Tr Forum Tr Forum 2.0
1 EDB exploit
NA
CVE-2006-4633
index.php in SoftBB 0.1, and possibly earlier, allows remote malicious users to obtain the installation path via a null or invalid page[] parameter.
Softbb Softbb
1 EDB exploit
NA
CVE-2008-0403
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote malicious users to read and modify configuration via a direct request to SaveCfgFile.cgi.
Belkin F5d9230-4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »