Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
waraxe vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0678
images/captcha.php in RavenNuke 2.30 allows remote malicious users to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message.
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
6.5
CVSSv3
CVE-2013-1891
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
Opencart Opencart
1 EDB exploit
NA
CVE-2009-1064
Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and previous versions ActiveX control allows remote malicious users to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to ...
Orbitdownloader Orbit Downloader 2.7.5
Orbitdownloader Orbit Downloader 2.7.3
Orbitdownloader Orbit Downloader 2.8.5
Orbitdownloader Orbit Downloader 2.7.9
Orbitdownloader Orbit Downloader 2.6.4
Orbitdownloader Orbit Downloader 2.6.3
Orbitdownloader Orbit Downloader 2.8.3
Orbitdownloader Orbit Downloader 2.7.7
Orbitdownloader Orbit Downloader 2.7.6
Orbit Downloader Orbit Downloader 2.6.3
Orbit Downloader Orbit Downloader 2.6.4
Orbitdownloader Orbit Downloader 2.8.2
Orbitdownloader Orbit Downloader 2.8.4
Orbitdownloader Orbit Downloader 2.6.1
Orbitdownloader Orbit Downloader
Orbitdownloader Orbit Downloader 2.7.1
Orbitdownloader Orbit Downloader 2.6.5
Orbitdownloader Orbit Downloader 2.8.1
Orbitdownloader Orbit Downloader 2.7.8
1 EDB exploit
NA
CVE-2009-0672
SQL injection vulnerability in the Resend_Email module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary SQL commands via the user_prefix parameter to modules.php.
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
NA
CVE-2009-0674
images/captcha.php in Raven Web Services RavenNuke 2.30, when register_globals and display_errors are enabled, allows remote malicious users to determine the existence of local files by sending requests with full pathnames in the aFonts array parameter, and then observing the err...
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
NA
CVE-2009-0677
avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the preg_replace function with...
Ravenphpscripts Ravennuke 2.30
1 EDB exploit
NA
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
1 EDB exploit
NA
CVE-2013-1806
Multiple directory traversal vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.01
1 EDB exploit
NA
CVE-2006-0805
The CAPTCHA functionality in php-Nuke 6.0 up to and including 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote malicious users to bypass CAPTCHA controls by fixing the User Agent, performing a valid...
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 7.8
Francisco Burzi Php-nuke 7.9
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 7.7
1 EDB exploit
NA
CVE-2013-7375
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 up to and including 7.02.05 allows remote malicious users to execute arbitrary SQL commands via the user ID in a user cookie, a different vulnerability than CVE-2013-1803.
Php-fusion Php-fusion 7.02.02
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.05
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »