Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dsecrg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7055
module.php in ezContents 2.0.3 allows remote malicious users to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" (doubled dot dot slash) sequences in the link parameter, which is not properly filtered using th...
Visualshapers Ezcontents 2.0.3
1 EDB exploit
NA
CVE-2009-1212
Multiple insecure method vulnerabilities in PRECIS~2.DLL in the PrecisionID Datamatrix ActiveX control (DMATRIXLib.Datamatrix) allow remote malicious users to overwrite arbitrary files via the (1) SaveBarCode and (2) SaveEnhWMF methods.
Precisionid Data Matrix Barcode Activex Control -
1 EDB exploit
NA
CVE-2008-1145
Directory traversal vulnerability in WEBrick in Ruby 1.8 prior to 1.8.5-p115 and 1.8.6-p114, and 1.9 up to and including 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote malicious users to access arbitrary f...
Ruby-lang Webrick -
Fedoraproject Fedora 8
Fedoraproject Fedora 7
1 EDB exploit
NA
CVE-2008-1331
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 prior to 210/091.001, OXO600 prior to 610/014.001, and other versions, allows remote malicious users to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the i...
Alcatel-lucent Omnipcx Office
1 EDB exploit
NA
CVE-2008-3363
Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote malicious users to include and execute arbitrary local files via a ..\ (dot dot backslash) in the include parameter.
Dokeos E-learning System 1.8.5
1 EDB exploit
NA
CVE-2008-3390
Directory traversal vulnerability in libraries/general.init.php in Minishowcase Image Gallery 09b136, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Minishowcase Minishowcase Image Gallery 09b136
1 EDB exploit
NA
CVE-2008-3851
Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Windows allow remote malicious users to include and execute arbitrary local files via a ..\ (dot dot backslash) in the (1) blogpost, (2) cat, and (3) file parameters to data/inc/themes/predefined_variables.php, as...
Pluck Pluck 4.5.2
1 EDB exploit
NA
CVE-2007-6545
Multiple cross-site scripting (XSS) vulnerabilities in RunCMS prior to 1.6.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the subject parameter to modules/news/submit.php; (2) the PATH_INFO to modules/news/index.php, possibly related to the XoopsPag...
Runcms Runcms
1 EDB exploit
NA
CVE-2007-6546
RunCMS prior to 1.6.1 uses a predictable session id, which makes it easier for remote malicious users to hijack sessions via a modified id.
Runcms Runcms
1 EDB exploit
NA
CVE-2007-6547
RunCMS prior to 1.6.1 does not require entry of the old password during a password change, which allows context-dependent malicious users to change passwords upon obtaining temporary access to a session.
Runcms Runcms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »