Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-2378
PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.
Jtr Jax Formmailer 3.0.0
1 EDB exploit
505
VMScore
CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote malicious users to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Php-sugar Php-sugar 0.80
1 EDB exploit
515
VMScore
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
505
VMScore
CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Pollhelper -
1 EDB exploit
685
VMScore
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
755
VMScore
CVE-2009-1246
Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[fil...
Blogplus Blogplus 1.0
1 EDB exploit
755
VMScore
CVE-2009-1444
PHP remote file inclusion vulnerability in indexk.php in WebPortal CMS 0.8-beta allows remote malicious users to execute arbitrary PHP code via a URL in the lib_path parameter.
Webportal Webportal Cms 0.8 Beta
1 EDB exploit
435
VMScore
CVE-2009-1451
Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Bluevirus-design Sma-db 0.3.12
1 EDB exploit
755
VMScore
CVE-2009-1510
Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the file parameter to (1) ki_makepic.php and (2) ki_nojsdisplayimage.php in ki_base/.
Koschtit Koschtit Image Gallery 1.82
1 EDB exploit
645
VMScore
CVE-2009-1637
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote malicious users to change the admin e-mail address and password via the email and password parameters.
Simplecustomer Simple Customer 1.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »