Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gulftech security vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2005-0272
ReviewPost PHP Pro prior to 2.84 allows remote malicious users to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.
Photopost Reviewpost Php Pro 2.5
Photopost Reviewpost Php Pro
Photopost Reviewpost Php Pro 1.0.2
1 EDB exploit
755
VMScore
CVE-2005-0273
Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost prior to 4.86 allow remote malicious users to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameter.
Photopost Photopost Php Pro
1 EDB exploit
435
VMScore
CVE-2005-0274
Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost prior to 4.86 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat, (2) si, (3) page, or (4) ppuser parameters.
Photopost Photopost Php Pro
1 EDB exploit
505
VMScore
CVE-2006-5031
Directory traversal vulnerability in app/webroot/js/vendors.php in Cake Software Foundation CakePHP prior to 1.1.8.3544 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter, followed by a filename ending with "%00" and a .js fil...
Cakefoundation Cakephp
1 EDB exploit
505
VMScore
CVE-2004-1422
WHM AutoPilot 2.4.6.5 and previous versions allows remote malicious users to gain sensitive information via phpinfo, which reveals php settings.
Whm Whm Autopilot 2.4.6
Whm Whm Autopilot 2.4.6.5
Whm Whm Autopilot 2.4.5
1 EDB exploit
755
VMScore
CVE-2008-3374
SQL injection vulnerability in ajax.php in Gregarius 0.5.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the rsargs array parameter in an __exp__getFeedContent action.
Gregarius Gregarius 0.2.4
Gregarius Gregarius 0.4.2
Gregarius Gregarius 0.5.0
Gregarius Gregarius 0.5.2
Gregarius Gregarius 0.3.4
Gregarius Gregarius 0.3.6
Gregarius Gregarius 0.3.0
Gregarius Gregarius 0.3.2
Gregarius Gregarius
Gregarius Gregarius 0.3.8
Gregarius Gregarius 0.4.0
1 EDB exploit
1000
VMScore
CVE-2004-1225
SQL injection vulnerability in SugarCRM Sugar Sales prior to 2.0.1a allows remote malicious users to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
Sugarcrm Sugarcrm 1.0g
Sugarcrm Sugarcrm 1.1
Sugarcrm Sugarcrm 1.5d
Sugarcrm Sugarcrm 2.0.1
Sugarcrm Sugarcrm 1.0
Sugarcrm Sugarcrm 1.0f
Sugarcrm Sugarcrm 1.1e
Sugarcrm Sugarcrm 1.1f
Sugarcrm Sugarcrm 1.1c
Sugarcrm Sugarcrm 1.1d
Sugarcrm Sugarcrm 1.1a
Sugarcrm Sugarcrm 1.1b
Sugarcrm Sugarcrm 2.0.1a
1 EDB exploit
755
VMScore
CVE-2004-1383
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and previous versions allow remote malicious users to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details...
Phpgroupware Phpgroupware 0.9.14.007
Phpgroupware Phpgroupware 0.9.16.000
Phpgroupware Phpgroupware 0.9.14
Phpgroupware Phpgroupware 0.9.14.003
Phpgroupware Phpgroupware 0.9.16 Rc1
Phpgroupware Phpgroupware 0.9.14.005
Phpgroupware Phpgroupware 0.9.14.006
Phpgroupware Phpgroupware 0.9.12
Phpgroupware Phpgroupware 0.9.13
Phpgroupware Phpgroupware 0.9.16.002
Phpgroupware Phpgroupware 0.9.16.003
1 EDB exploit
435
VMScore
CVE-2004-1412
Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote malicious users to inject arbitrary web script or HTML via the searchm parameter.
Kayako Esupport 2.2
Kayako Esupport 2.2.5
Kayako Esupport 2.1.2
Kayako Esupport 2.1.8
Kayako Esupport 2.3
1 EDB exploit
505
VMScore
CVE-2004-1413
Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote malicious users to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 parameters to index.php, or (6) the e-mail field of the Forgot Key feature.
Kayako Esupport 2.1.2
Kayako Esupport 2.1.8
Kayako Esupport 2.3
Kayako Esupport 2.2
Kayako Esupport 2.2.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »