Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
noge vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2443
Siteframe 3.2.3, and other 3.2.x versions, allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Siteframe Siteframe Cms 3.2.3
Siteframe Siteframe Cms 3.2.2
Siteframe Siteframe Cms 3.2.1
1 EDB exploit
NA
CVE-2007-6038
PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Joomlaequipment Juser 1.0.14
1 EDB exploit
NA
CVE-2008-4529
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote malicious users to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, ...
Asicms Asicms 0.208
1 EDB exploit
NA
CVE-2008-7067
PHP remote file inclusion vulnerability in admin/plugins/Online_Users/main.php in PageTree CMS 0.0.2 BETA 0001 allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[PT_Config][dir][data] parameter.
Pagetreecms Page Tree Cms 0.0.2 Beta
1 EDB exploit
NA
CVE-2013-3524
SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for phpVMS allows remote malicious users to execute arbitrary SQL commands via the itemid parameter. NOTE: this was originally reported as a problem in phpVMS.
Simpilotgroup Pop Up News 2.0
1 EDB exploit
NA
CVE-2009-2769
PHP remote file inclusion vulnerability in include/timesheet.php in Ultrize TimeSheet 1.2.2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the config[include_dir] parameter.
Ultrize Timesheet 1.2.2
1 EDB exploit
NA
CVE-2009-2881
Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote malicious users to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/.
Artis.imag Basilic 1.5.13
1 EDB exploit
NA
CVE-2008-3371
Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions prior to 2.3.6.2, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Talkback Talkback 2.3.5
1 EDB exploit
NA
CVE-2009-4693
Multiple PHP remote file inclusion vulnerabilities in GraFX MiniCWB 2.3.0 allow remote malicious users to execute arbitrary PHP code via a URL in the LANG parameter to (1) en.inc.php, (2) hu.inc.php, (3) no.inc.php, (4) ro.inc.php, and (5) ru.inc.php in language/.
Grafxsoftware Minicwb 2.3.0
1 EDB exploit
NA
CVE-2007-5310
PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportfolio 1.0 (com_wmtportfolio) component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Webmaster-tips.net Flash Image Gallery 1.0
Joomla Joomla
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »