Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2007-6124
Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote malicious users to inject arbitrary web script or HTML via the errmsg parameter.
Softbiz Freelancers Script 1.0
1 EDB exploit
685
VMScore
CVE-2008-6926
Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action....
Netenberg Fantastico De Luxe
1 EDB exploit
435
VMScore
CVE-2008-6927
Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote malicious users to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (...
Cpanel Cpanel
1 EDB exploit
435
VMScore
CVE-2008-6982
Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote malicious users to inject arbitrary web script or HTML via the currentpath parameter.
Devalcms Devalcms 1.4a
1 EDB exploit
755
VMScore
CVE-2008-6983
modules/tool/hitcounter.php in devalcms 1.4a allows remote malicious users to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gv_folder_data parameter, as demonstrated by modifying modules/tool/url2header.php.
Devalcms Devalcms 1.4a
1 EDB exploit
505
VMScore
CVE-2009-4961
Lanai Core 0.6 allows remote malicious users to obtain configuration information via a direct request to info.php, which calls the phpinfo function.
Lanai-core Lanai-core 0.6
1 EDB exploit
655
VMScore
CVE-2008-3368
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Atutor Atutor 1.2.1
Atutor Atutor 1.2.2
Atutor Atutor 1.4.2
Atutor Atutor 0.9.7
Atutor Atutor 1.0
Atutor Atutor 1.4
Atutor Atutor 1.4.1
Atutor Atutor 1.5.3.2
Atutor Atutor 1.5.4
Atutor Atutor 1.3
Atutor Atutor 1.3.1
Atutor Atutor 1.5.1
Atutor Atutor 1.5.2
Atutor Atutor
Atutor Atutor 1.4.3
Atutor Atutor 1.5.5
Atutor Atutor 1.6
Atutor Atutor 0.9.6
Atutor Atutor 1.3.2
Atutor Atutor 1.3.3
Atutor Atutor 1.5.3
Atutor Atutor 1.5.3.1
1 EDB exploit
755
VMScore
CVE-2008-3415
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg f...
Cmscout Cmscout 2.05
1 EDB exploit
655
VMScore
CVE-2007-5997
SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
Softbizscripts Banner Exchange Network Script 1.0
1 EDB exploit
655
VMScore
CVE-2007-5998
SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenticated users to execute arbitrary SQL commands via the package parameter.
Softbizscripts Ad Management Plus Script 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »