Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-2954
SQL injection vulnerability in password_reminder.php in ATutor prior to 1.5.1 pl1 allows remote malicious users to execute arbitrary SQL commands via the email field.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
5
CVSSv2
CVE-2005-2956
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote malicious users to obtain user chat conversations via direct requests to those files.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-3201
SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote malicious users to execute arbitrary SQL via the newsid parameter.
1 EDB exploit
7.5
CVSSv2
CVE-2005-3259
Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature,...
Versatilebulletinboard Versatilebulletinboard 1.0.0.rc2
1 EDB exploit
7.5
CVSSv2
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
10
CVSSv2
CVE-2006-7173
Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and previous versions allows remote malicious users to execute arbitrary PHP code via a crafted option_new[report_w_day] parameter in a preferenze action, which can be later accessed via option/php-stat...
Php-stats Php-stats
1 EDB exploit
5
CVSSv2
CVE-2007-6457
Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote malicious users to cause a denial of service (crash) via a long Host header.
Netwin Surgemail 38k4
1 EDB exploit
7.5
CVSSv2
CVE-2007-0639
Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and previous versions allow remote malicious users to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array ...
Guppy Guppy
1 EDB exploit
5.1
CVSSv2
CVE-2006-4723
PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, when register_globals and WebAdmin is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the SoftParserFileXml parameter.
Raidenhttpd Raidenhttpd 1.1.32
Raidenhttpd Raidenhttpd 1.1.47
Raidenhttpd Raidenhttpd
1 EDB exploit
6.4
CVSSv2
CVE-2006-4963
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP c...
Exponent Exponent Cms 0.96.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »