Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2009-1916
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the ns parameter.
Gscripts Dns Tools
1 EDB exploit
1000
VMScore
CVE-2009-1669
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third...
Smarty Smarty 2.6.22
1 EDB exploit
1000
VMScore
CVE-2008-6761
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote malicious users to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting ad...
China-on-site Flexcustomer0.0.6
1 EDB exploit
1000
VMScore
CVE-2009-1361
dig.php in GScripts.net DNS Tools allows remote malicious users to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Gscripts Dns Tools
1 EDB exploit
1000
VMScore
CVE-2008-6651
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote malicious users to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.
Oxyproject Oxybox 0.85
1 EDB exploit
1000
VMScore
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tz_env.class. NOTE: so...
Phpslash Phpslash 0.7.2
Phpslash Phpslash 0.7.1
Phpslash Phpslash 0.6.1
Phpslash Phpslash 0.8.1
Phpslash Phpslash 065
Phpslash Phpslash 0.6
Phpslash Phpslash
Phpslash Phpslash 0.5.3.2
Phpslash Phpslash 0.6.2
Phpslash Phpslash 0.61
Phpslash Phpslash 0.8.0
1 EDB exploit
1000
VMScore
CVE-2008-5963
Eval injection vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and previous versions allows remote malicious users to execute arbitrary PHP code via the objectname parameter.
Gravity-gtd Gravity-gtd 0.4
Gravity-gtd Gravity-gtd
Gravity-gtd Gravity-gtd 0.3
Gravity-gtd Gravity-gtd 0.2
1 EDB exploit
1000
VMScore
CVE-2008-5332
Multiple PHP remote file inclusion vulnerabilities in Pie 0.5.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) lib parameter to files in lib/action/ including (a) alias.php, (b) cancel.php, (c) context.php, (d) deadlinks.php, (e) delete.php, and o...
Pie Pie 0.5.3
1 EDB exploit
1000
VMScore
CVE-2008-5334
PHP remote file inclusion vulnerability in includes/common.php in NitroTech 0.0.3a allows remote malicious users to execute arbitrary PHP code via a URL in the root parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
1000
VMScore
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »