Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4549
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote malicious users to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.
Imageshack Imageshack Toolbar 4.5.7
Imageshack Imageshack Toolbar 4.5.7.69
1 EDB exploit
NA
CVE-2005-3324
SQL injection vulnerability in chat.php in MWChat 6.8 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Appindex Mwchat 6.8
1 EDB exploit
NA
CVE-2005-3686
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard prior to 1.5.3 Patch 4 allows remote malicious users to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2005-3738
globals.php in Mambo Site Server 4.0.14 and previous versions, when register_globals is disabled, allows remote malicious users to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php...
Mambo Mambo Site Server 4.0.12 Rc1
Mambo Mambo Site Server 4.0.12 Rc2
Mambo Mambo Site Server 4.0.11
Mambo Mambo Site Server 4.0.12
Mambo Mambo Site Server 4.0
Mambo Mambo Site Server 4.0.10
Mambo Mambo Site Server 4.0.12 Rc3
Mambo Mambo Site Server 4.0.14
Mambo Mambo Site Server 4.0.12 Beta
Mambo Mambo Site Server 4.0.12 Beta 2
1 EDB exploit
NA
CVE-2006-1828
SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote malicious users to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php12...
Php121 Php121 Instant Messenger
1 EDB exploit
NA
CVE-2006-1831
Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions prior to 2.25 allows remote malicious users to execute arbitrary commands via a leading ; (semicolon) in the name parameter in a systemdoc action, which is injected into phpinfo....
Coder-world Sysinfo 1.21
1 EDB exploit
NA
CVE-2006-1832
sysinfo.cgi in sysinfo 1.21 allows remote malicious users to obtain the installation path via the debugger action.
Coder-world Sysinfo 1.21
1 EDB exploit
NA
CVE-2006-1839
PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote malicious users to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call.
Php Album Php Album 0.3.2.3
1 EDB exploit
NA
CVE-2006-2156
Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and previous versions allows remote malicious users to include arbitrary files via .. (dot dot) sequences in the help_file parameter.
X7 Group X7 Chat 1.3.2b
X7 Group X7 Chat 1.3.3b
X7 Group X7 Chat 1.3.4b
X7 Group X7 Chat 1.3.5b
X7 Group X7 Chat 1.3.6
X7 Group X7 Chat 2.0
1 EDB exploit
NA
CVE-2006-2743
Drupal 4.6.x prior to 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote malicious users to upload, modify, or execute arbitrary files in the files directory.
Drupal Drupal 4.6.3
Drupal Drupal 4.6.4
Drupal Drupal 4.6.1
Drupal Drupal 4.6.2
Drupal Drupal 4.6.5
Drupal Drupal 4.6.6
Drupal Drupal 4.7.0
Drupal Drupal 4.6
Drupal Drupal 4.6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »