Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
505
VMScore
CVE-2006-4633
index.php in SoftBB 0.1, and possibly earlier, allows remote malicious users to obtain the installation path via a null or invalid page[] parameter.
Softbb Softbb
1 EDB exploit
505
VMScore
CVE-2006-6755
Ixprim 1.2 allows remote malicious users to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message.
Ixprim Ixprim Cms 1.2
1 EDB exploit
515
VMScore
CVE-2006-6756
The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote malicious users to gain access to the administration panel via a brute force attack.
Ixprim Ixprim Cms 1.2
1 EDB exploit
555
VMScore
CVE-2008-0403
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication for SaveCfgFile.cgi, which allows remote malicious users to read and modify configuration via a direct request to SaveCfgFile.cgi.
Belkin F5d9230-4
1 EDB exploit
1000
VMScore
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tz_env.class. NOTE: so...
Phpslash Phpslash 0.7.2
Phpslash Phpslash 0.7.1
Phpslash Phpslash 0.6.1
Phpslash Phpslash 0.8.1
Phpslash Phpslash 065
Phpslash Phpslash 0.6
Phpslash Phpslash
Phpslash Phpslash 0.5.3.2
Phpslash Phpslash 0.6.2
Phpslash Phpslash 0.61
Phpslash Phpslash 0.8.0
1 EDB exploit
755
VMScore
CVE-2007-1634
Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote malicious users to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
905
VMScore
CVE-2007-1635
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
685
VMScore
CVE-2007-5913
dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and previous versions does not require authentication, which allows remote malicious users to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name an...
Jean Charles Jbc Explorer
1 EDB exploit
685
VMScore
CVE-2007-5914
Direct static code injection vulnerability in dirsys/modules/config/post.php in JBC Explorer 7.20 RC1 and previous versions allows remote authenticated administrators to inject arbitrary PHP code via the DEBUG parameter, which can be executed by accessing config.inc.php. NOTE: th...
Jean Charles Jbc Explorer
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »