Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dun vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6410
Directory traversal vulnerability in show.php in ol'bookmarks manager 0.7.5 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the show parameter.
Brian Wilson Ol\\'bookmarks
1 EDB exploit
NA
CVE-2008-6668
Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php.
Dirk Bartley Nweb2fax 0.2
Dirk Bartley Nweb2fax
1 EDB exploit
NA
CVE-2008-1751
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
Ksemail Ksemail
1 EDB exploit
NA
CVE-2008-2837
SQL injection vulnerability in index.php in CMS-BRD allows remote malicious users to execute arbitrary SQL commands via the menuclick parameter.
Cms.brdconcept Cms-brd
1 EDB exploit
NA
CVE-2009-2313
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the name parameter.
Jinzora Jinzora 2.5.1
Jinzora Jinzora 0.1.1
Jinzora Jinzora 0.3.1
Jinzora Jinzora 2.0.1
Jinzora Jinzora 2.6
Jinzora Jinzora 0.9.2
Jinzora Jinzora 2.7.5
Jinzora Jinzora 2.0
Jinzora Jinzora 2.3.4
Jinzora Jinzora 2.3.3
Jinzora Jinzora 0.3
Jinzora Jinzora 0.2
Jinzora Jinzora 0.6.2
Jinzora Jinzora 0.5
Jinzora Jinzora 0.9.1
Jinzora Jinzora 0.9.4
Jinzora Jinzora 2.3.2
Jinzora Jinzora 2.3.1
Jinzora Jinzora 0.8.1
Jinzora Jinzora 0.7
Jinzora Jinzora 0.9.3
Jinzora Jinzora 1.1
1 EDB exploit
NA
CVE-2008-6402
PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mod_dir parameter.
Muskatli Sofi Webgui 0.4.2
Muskatli Sofi Webgui
Muskatli Sofi Webgui 0.6.0pre
Muskatli Sofi Webgui 0.5.2
1 EDB exploit
NA
CVE-2008-4712
Directory traversal vulnerability in pages/showblog.php in LnBlog 0.9.0 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the plugin parameter.
Lnblog Lnblog
Lnblog Lnblog 0.8.1
Lnblog Lnblog 0.8.2
Lnblog Lnblog 0.8.0
1 EDB exploit
NA
CVE-2008-6669
viewrq.php in nweb2fax 0.2.7 and previous versions allows remote malicious users to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action.
Dirk Bartley Nweb2fax 0.2.6
Dirk Bartley Nweb2fax 0.2.5
Dirk Bartley Nweb2fax 0.2.4
Dirk Bartley Nweb2fax 0.2.1
Dirk Bartley Nweb2fax
Dirk Bartley Nweb2fax 0.1
Dirk Bartley Nweb2fax 0.2
1 EDB exploit
NA
CVE-2008-4318
Observer 0.3.2.1 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Project-observer Observer 0.2.3
Project-observer Observer 0.2.2
Project-observer Observer 0.3.1
Project-observer Observer 0.30-pre-1
Project-observer Observer 0.1.2
Project-observer Observer 0.1.1
Project-observer Observer 0.1.0
Project-observer Observer 0.2.5
Project-observer Observer 0.2.4
Project-observer Observer
Project-observer Observer 0.3.2
Project-observer Observer 0.2.1
Project-observer Observer 0.2.0
1 EDB exploit
1 Github repository
NA
CVE-2008-4329
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the oe_classpath parameter.
Openengine Openengine 1.9 Beta2
Openengine Openengine 1.9 Beta3
Openengine Openengine 1.7.1
Openengine Openengine 1.8 Beta2
Openengine Openengine 1.9 Beta1
Openengine Openengine
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »