Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
khashayar fereidani vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3721
PHP remote file inclusion vulnerability in user_language.php in DeeEmm CMS (DMCMS) 0.7.4 allows remote malicious users to execute arbitrary PHP code via a URL in the language_dir parameter.
Deeemm Dmcms 0.7.4
1 EDB exploit
NA
CVE-2008-3712
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) query string to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/co...
Mambo Mambo 4.6.2
Mambo Mambo 4.6.5
2 EDB exploits
NA
CVE-2008-3569
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the text parameter to (1) iart.php and (2) ming.php.
Apache Friends Xampp 1.6.7
2 EDB exploits
NA
CVE-2008-3574
Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, when register_globals is enabled, allow remote malicious users to inject arbitrary web script or HTML via the (1) lang_footer parameter to (a) data/inc/footer.php; the (2) pluck_version, (3) lang_install22, (4) t...
Pluck Pluck 4.5.2
1 EDB exploit
NA
CVE-2008-3556
Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote malicious users to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same...
Haudenschilt Battlenet Clan Script 1.5.2
1 EDB exploit
NA
CVE-2008-3415
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg f...
Cmscout Cmscout 2.05
1 EDB exploit
NA
CVE-2008-3405
Directory traversal vulnerability in index.php in Ricardo Amaral nzFotolog 0.4.1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the action_file parameter.
Nazgulled Nzfotolog 0.4.1
1 EDB exploit
NA
CVE-2008-3368
PHP remote file inclusion vulnerability in tools/packages/import.php in ATutor 1.6.1 pl1 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via a URL in the type parameter.
Atutor Atutor 1.2.1
Atutor Atutor 1.2.2
Atutor Atutor 1.4.2
Atutor Atutor 0.9.7
Atutor Atutor 1.0
Atutor Atutor 1.4
Atutor Atutor 1.4.1
Atutor Atutor 1.5.3.2
Atutor Atutor 1.5.4
Atutor Atutor 1.3
Atutor Atutor 1.3.1
Atutor Atutor 1.5.1
Atutor Atutor 1.5.2
Atutor Atutor
Atutor Atutor 1.4.3
Atutor Atutor 1.5.5
Atutor Atutor 1.6
Atutor Atutor 0.9.6
Atutor Atutor 1.3.2
Atutor Atutor 1.3.3
Atutor Atutor 1.5.3
Atutor Atutor 1.5.3.1
1 EDB exploit
NA
CVE-2008-2196
Cross-site scripting (XSS) vulnerability in admin.php in LifeType 1.2.8 allows remote malicious users to inject arbitrary web script or HTML via the newBlogUserName parameter in an addBlogUser action, a different vector than CVE-2008-2178.
Lifetype Lifetype 1.2.8
1 EDB exploit
NA
CVE-2008-2202
Multiple cross-site scripting (XSS) vulnerabilities in Maian Uploader 4.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) keywords parameter to upload/admin/index.php in a search action, the (2) msg_charset and (3) msg_header9 parameters to admin/i...
Maianscriptworld Maian Uploader 4.0
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »