Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
NA
CVE-2008-2686
webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and previous versions allows remote malicious users to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request...
Flux Cms Flux Cms 1.3
Flux Cms Flux Cms 1.31
Flux Cms Flux Cms 1.4
Flux Cms Flux Cms
Flux Cms Flux Cms 1.2
1 EDB exploit
NA
CVE-2008-2742
Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 up to and including 1.3.2 allows remote malicious users to execute arbitrary code by uploading a file with .php followed by a safe ex...
Achievo Achievo 1.2.0
Achievo Achievo 1.2.1
Achievo Achievo 1.3.0
Achievo Achievo 1.3.1
Achievo Achievo 1.3.2
1 EDB exploit
NA
CVE-2012-5223
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and previous versions allows remote malicious users to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted ...
Crawlability Vbseo 3.5.0
Crawlability Vbseo 3.3.0
Crawlability Vbseo 3.0.0
Crawlability Vbseo 2.3.0
Crawlability Vbseo 2.2.0
Crawlability Vbseo 3.1.0
Crawlability Vbseo 3.5.1
Crawlability Vbseo 3.6.0
Crawlability Vbseo 3.2.0
Crawlability Vbseo 2.0.0
Crawlability Vbseo
Crawlability Vbseo 3.5.2
Crawlability Vbseo 2.4.5
Crawlability Vbseo 2.4.0
Crawlability Vbseo 3.3.1
Crawlability Vbseo 2.1.1
Crawlability Vbseo 2.1.0
1 EDB exploit
NA
CVE-2012-5318
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in ...
Kishore Asokan Kish Guest Posting Plugin 1.2
1 EDB exploit
NA
CVE-2009-1911
Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and previous versions, as used in TinyWebGallery (TWG) 1.7.6 and previous versions, allows remote malicious users to include and execute arbitrary local files via a .. (dot do...
Tinywebgallery Tinywebgallery 1.7.5.1
Tinywebgallery Tinywebgallery 1.7.5
Tinywebgallery Tinywebgallery 1.7.3.3
Tinywebgallery Tinywebgallery 1.7.3.2
Tinywebgallery Tinywebgallery 1.6.2
Tinywebgallery Tinywebgallery 1.6.1
Tinywebgallery Tinywebgallery 1.5.2.1 20.09.2006 1000
Tinywebgallery Tinywebgallery 1.5.2 17.09.2006 1000
Tinywebgallery Tinywebgallery 1.7.4.5
Tinywebgallery Tinywebgallery 1.7.4.4
Tinywebgallery Tinywebgallery 1.7.3.1
Tinywebgallery Tinywebgallery 1.7.3-12.05.2008
Tinywebgallery Tinywebgallery 1.6
Tinywebgallery Tinywebgallery 1.5.5 30.10.2006 2200
Tinywebgallery Tinywebgallery 1.5.1 03.09.2006
Tinywebgallery Tinywebgallery 1.5.0.2 17.08.2006
Tinywebgallery Tinywebgallery 1.4.0.4
Tinywebgallery Tinywebgallery 1.4.0.3
Tinywebgallery Tinywebgallery 1.1.2
Tinywebgallery Tinywebgallery 1.1.1
Tinywebgallery Tinywebgallery 1.4.1.1
Tinywebgallery Tinywebgallery 1.4.1
1 EDB exploit
NA
CVE-2007-6622
SQL injection vulnerability in security.php in ZeusCMS 0.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Referer HTTP header.
Zeuscms Zeuscms
1 EDB exploit
NA
CVE-2008-0129
SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and previous versions allows remote malicious users to execute arbitrary SQL commands via the album_name parameter.
Siteatschool Siteatschool
1 EDB exploit
NA
CVE-2008-3117
Unrestricted file upload vulnerability in update_profile.php in PHPmotion 2.0 and previous versions allows remote authenticated users to execute arbitrary code by uploading a .php file with a content type of (1) image/gif, (2) image/jpeg, or (3) image/pjpeg, then accessing it via...
Phpmotion Phpmotion
Phpmotion Phpmotion 1.0
1 EDB exploit
NA
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400
CVE-2023-7252
CVE-2024-21111
denial of service
CVE-2024-29661
CVE-2024-22856
remote attackers
encryption
CVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »