Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1141
PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote malicious users to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.
Reamday Enterprises Magic News Plus 1.0.2
1 EDB exploit
6.8
CVSSv2
CVE-2007-5294
PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote malicious users to execute arbitrary PHP code via a URL in the site_absolute_path parameter.
Idmos Idmos 1.0-beta
1 EDB exploit
5.1
CVSSv2
CVE-2006-5137
Multiple direct static code injection vulnerabilities in Groupee UBB.threads 6.5.1.1 allow remote malicious users to (1) inject PHP code via a theme[] array parameter to admin/doedittheme.php, which is injected into includes/theme.inc.php; (2) inject PHP code via a config[] array...
Ubbcentral Ubb.threads 6.5.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-3575
PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[gsLanguage] parameter, a different vector than CVE-2006-4477 and CVE-2004-0132.
Ezcontents Ezcontents Cms
1 EDB exploit
7.5
CVSSv2
CVE-2007-2257
PHP remote file inclusion vulnerability in subscp.php in Fully Modded phpBB2 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Fully Modded Phpbb Fully Modded Phpbb2
1 EDB exploit
2.6
CVSSv2
CVE-2007-5293
Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote malicious users to inject arbitrary web script or HTML via the (1) err_msg parameter to error.php and the (2) content parameter to templates/simple/ia.php.
Idmos Idmos 1.0-beta
1 EDB exploit
6.4
CVSSv2
CVE-2007-5298
Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote malicious users to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php.
Creamotion Creamotion .
1 EDB exploit
7.5
CVSSv2
CVE-2007-5305
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) ...
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
7.5
CVSSv2
CVE-2006-5411
Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and previous versions, allows remote malicious users to upload and execute arbitrary PHP programs.
Justin White Freewps
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »