Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-0448
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
Syntax Desktop Syntax Desktop 2.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-0513
Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote malicious users to execute arbitrary PHP code via a URL in the classFiles parameter to (1) admin/doc/index.php, (2) index.php, and (3) base/menu.php in mod/.
Webframe Webframe 0.76
1 EDB exploit
7.5
CVSSv2
CVE-2009-0514
Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.
Webframe Webframe 0.76
1 EDB exploit
7.5
CVSSv2
CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, ...
Playsms Playsms 0.9.3
1 EDB exploit
7.5
CVSSv2
CVE-2009-1510
Multiple directory traversal vulnerabilities in KoschtIT Image Gallery 1.82 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the file parameter to (1) ki_makepic.php and (2) ki_nojsdisplayimage.php in ki_base/.
Koschtit Koschtit Image Gallery 1.82
1 EDB exploit
6.4
CVSSv2
CVE-2009-1637
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote malicious users to change the admin e-mail address and password via the email and password parameters.
Simplecustomer Simple Customer 1.3
1 EDB exploit
6.8
CVSSv2
CVE-2009-1765
Multiple directory traversal vulnerabilities in pluck 4.6.2, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the langpref parameter to (1) data/modules/contactform/module_info.php, (2) data/modules/...
Pluck-cms Pluck 4.6.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-1771
index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote malicious users to create or modify admin accounts via the (1) users[fullname], (2) users[email], (3) users[role_id], (4) users[username], and (5...
Flyspeck Flyspeck Cms 6.8
1 EDB exploit
4.3
CVSSv2
CVE-2008-5061
Cross-site scripting (XSS) vulnerability in php/cal_default.php in Mini Web Calendar (mwcal) 1.2 allows remote malicious users to inject arbitrary web script or HTML via the URL.
Smolinari Mini Web Calendar 1.2
1 EDB exploit
10
CVSSv2
CVE-2008-2689
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
Browsercrm Browsercrm 5.002.00
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »