Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0448
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
Syntax Desktop Syntax Desktop 2.7
1 EDB exploit
NA
CVE-2009-0513
Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote malicious users to execute arbitrary PHP code via a URL in the classFiles parameter to (1) admin/doc/index.php, (2) index.php, and (3) base/menu.php in mod/.
Webframe Webframe 0.76
1 EDB exploit
NA
CVE-2009-0514
Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.
Webframe Webframe 0.76
1 EDB exploit
NA
CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, ...
Playsms Playsms 0.9.3
1 EDB exploit
NA
CVE-2009-1510
Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the file parameter to (1) ki_makepic.php and (2) ki_nojsdisplayimage.php in ki_base/.
Koschtit Koschtit Image Gallery 1.82
1 EDB exploit
NA
CVE-2009-1637
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote malicious users to change the admin e-mail address and password via the email and password parameters.
Simplecustomer Simple Customer 1.3
1 EDB exploit
NA
CVE-2009-1765
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/...
Pluck-cms Pluck 4.6.2
1 EDB exploit
NA
CVE-2009-1771
index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote malicious users to create or modify admin accounts via the (1) users[fullname], (2) users[email], (3) users[role_id], (4) users[username], and (5...
Flyspeck Flyspeck Cms 6.8
1 EDB exploit
NA
CVE-2008-5061
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote malicious users to inject arbitrary web script or HTML via the URL.
Smolinari Mini Web Calendar 1.2
1 EDB exploit
NA
CVE-2008-2689
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
Browsercrm Browsercrm 5.002.00
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »