Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
265
VMScore
CVE-2007-5293
Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote malicious users to inject arbitrary web script or HTML via the (1) err_msg parameter to error.php and the (2) content parameter to templates/simple/ia.php.
Idmos Idmos 1.0-beta
1 EDB exploit
645
VMScore
CVE-2007-5298
Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote malicious users to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php.
Creamotion Creamotion .
1 EDB exploit
435
VMScore
CVE-2007-5304
Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote parameter to utilisateurs/votes...
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
505
VMScore
CVE-2007-5306
ELSEIF CMS Beta 0.6 allows remote malicious users to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
Yannick Tanguy Else If Cms 0.6-beta
1 EDB exploit
755
VMScore
CVE-2007-1141
PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote malicious users to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.
Reamday Enterprises Magic News Plus 1.0.2
1 EDB exploit
515
VMScore
CVE-2006-4836
SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already...
Codeworx Technologies Dcp-portal Se 6.0
1 EDB exploit
505
VMScore
CVE-2006-4875
Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows remote malicious users to upload picture files, and possibly files with arbitrary extensions, to gallery/albums/public.
Jupiter Cms Jupiter Cms
1 EDB exploit
755
VMScore
CVE-2006-6552
PHP remote file inclusion vulnerability in admin/plugins/NP_UserSharing.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DIR_ADMIN parameter.
Php Blog Cms 4.1.3
1 EDB exploit
755
VMScore
CVE-2005-3639
PHP file inclusion vulnerability in the osTicket module in Help Center Live prior to 2.0.3 allows remote malicious users to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability.
Ubertec Help Center Live
1 EDB exploit
755
VMScore
CVE-2008-3575
PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[gsLanguage] parameter, a different vector than CVE-2006-4477 and CVE-2004-0132.
Ezcontents Ezcontents Cms
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »