Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, ...
Playsms Playsms 0.9.3
1 EDB exploit
NA
CVE-2009-0294
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) search.php, (2) archive.php, (3) comments.php, and (4) news.php; ...
Webmobo Wbnews 2.0.1
1 EDB exploit
NA
CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
W2b Phpgreetcards 3.7
1 EDB exploit
NA
CVE-2008-6920
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
W2b Phpemployment 1.8
1 EDB exploit
NA
CVE-2008-6956
Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details ...
Infireal Mxcamarchive 2.2
1 EDB exploit
NA
CVE-2009-0340
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote malicious users to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
Quirm Simple Php Newsletter 1.5
1 EDB exploit
NA
CVE-2009-0826
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Bloghelper -
1 EDB exploit
NA
CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Ott Phpcksec 0.2
1 EDB exploit
NA
CVE-2008-5770
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Phpweather Phpweather 2.2.2
1 EDB exploit
1 Github repository
NA
CVE-2008-5771
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Phpweather Phpweather 2.2.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »