Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2007-6124
Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote malicious users to inject arbitrary web script or HTML via the errmsg parameter.
Softbiz Freelancers Script 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-6926
Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action....
Netenberg Fantastico De Luxe
1 EDB exploit
4.3
CVSSv2
CVE-2008-6927
Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote malicious users to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (...
Cpanel Cpanel
1 EDB exploit
4.3
CVSSv2
CVE-2008-6982
Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote malicious users to inject arbitrary web script or HTML via the currentpath parameter.
Devalcms Devalcms 1.4a
1 EDB exploit
7.5
CVSSv2
CVE-2008-6983
modules/tool/hitcounter.php in devalcms 1.4a allows remote malicious users to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gv_folder_data parameter, as demonstrated by modifying modules/tool/url2header.php.
Devalcms Devalcms 1.4a
1 EDB exploit
5
CVSSv2
CVE-2009-4961
Lanai Core 0.6 allows remote malicious users to obtain configuration information via a direct request to info.php, which calls the phpinfo function.
Lanai-core Lanai-core 0.6
1 EDB exploit
6.5
CVSSv2
CVE-2008-3368
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Atutor Atutor 1.2.1
Atutor Atutor 1.2.2
Atutor Atutor 1.4.2
Atutor Atutor 0.9.7
Atutor Atutor 1.0
Atutor Atutor 1.4
Atutor Atutor 1.4.1
Atutor Atutor 1.5.3.2
Atutor Atutor 1.5.4
Atutor Atutor 1.3
Atutor Atutor 1.3.1
Atutor Atutor 1.5.1
Atutor Atutor 1.5.2
Atutor Atutor
Atutor Atutor 1.4.3
Atutor Atutor 1.5.5
Atutor Atutor 1.6
Atutor Atutor 0.9.6
Atutor Atutor 1.3.2
Atutor Atutor 1.3.3
Atutor Atutor 1.5.3
Atutor Atutor 1.5.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-3415
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg f...
Cmscout Cmscout 2.05
1 EDB exploit
6.5
CVSSv2
CVE-2007-5997
SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Softbizscripts Banner Exchange Network Script 1.0
1 EDB exploit
6.5
CVSSv2
CVE-2007-5998
SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.
Softbizscripts Ad Management Plus Script 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »