Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gold_m vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5819
Directory traversal vulnerability in eDNews_archive.php in eDreamers eDNews 2, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lg parameter. NOTE: some of these details are obtained from third...
Edreamers Ednews 2.0
1 EDB exploit
NA
CVE-2008-5752
Directory traversal vulnerability in getConfig.php in the Page Flip Image Gallery plugin 0.2.2 and previous versions for WordPress, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the book_id parameter. NOTE: some of ...
Wordpress Page Flip Image Gallery Plugin 0.1.1
Wordpress Page Flip Image Gallery Plugin 0.1
Wordpress Page Flip Image Gallery Plugin
Wordpress Page Flip Image Gallery Plugin 0.2.1
Wordpress Page Flip Image Gallery Plugin 0.1.4
Wordpress Page Flip Image Gallery Plugin 0.1.3
Wordpress Page Flip Image Gallery Plugin 0.2.0
Wordpress Page Flip Image Gallery Plugin 0.1.6
1 EDB exploit
NA
CVE-2008-4894
Directory traversal vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory t...
Tribiq Tribiq Cms 5.0.10a
1 EDB exploit
NA
CVE-2008-4893
Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes/header.inc.php in Tribiq CMS 5.0.10a, when register_globals is enabled, allows remote malicious users to inject arbitrary web script or HTML via the template_path parameter. NOTE: the prov...
Tribiq Tribiq Cms 5.0.10a
1 EDB exploit
NA
CVE-2008-4873
board.cgi in Sepal SPBOARD 4.5 allows remote malicious users to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action.
Sepal Spboard 4.5
1 EDB exploit
NA
CVE-2008-4502
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote malicious users to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.func.php, (3) DFF_me...
Datafeedfile Dff Framework Api
1 EDB exploit
NA
CVE-2008-2342
Directory traversal vulnerability in attachments.php in News Manager 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the id parameter.
News Manager News Manager 2.0
1 EDB exploit
NA
CVE-2008-2341
PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the read_xml_include parameter.
Avalonnet News Manager 2.0
1 EDB exploit
NA
CVE-2008-2340
Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php.
News Manager News Manager 2.0
1 EDB exploit
NA
CVE-2008-2343
News Manager 2.0 allows remote malicious users to bypass restrictions and obtain sensitive information via a direct request to (1) db/connect_str.php and (2) login/info.php.
News Manager News Manager 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »