Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1933
Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.
Dreamcodes Pcp-guestbook 3.0
1 EDB exploit
NA
CVE-2007-1937
PHP remote file inclusion vulnerability in smilies.php in Scorp Book 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the config parameter.
Dreamcodes Scorp Book 1.0
1 EDB exploit
NA
CVE-2007-1908
PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote malicious users to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.
Php121 Php121 Instant Messenger 2.2
1 EDB exploit
NA
CVE-2007-1795
JCcorp URLshrink 1.3.1 allows remote malicious users to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Jccorp Urlshrink 1.3.1
1 EDB exploit
NA
CVE-2007-1525
Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote malicious users to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php.
Dayfox Designs Dayfox Blog 4
1 EDB exploit
NA
CVE-2007-1479
Cross-site scripting (XSS) vulnerability in Guestbook.php in Creative Guestbook 1.0 allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
NA
CVE-2007-1487
Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) WebLog allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a showarticles action.
Cyber Inside Weblog
Cyberteddy Weblog
Sascha Schroeder Weblog
1 EDB exploit
NA
CVE-2007-1480
Creative Guestbook 1.0 allows remote malicious users to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
NA
CVE-2007-1394
Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote malicious users to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third pa...
Flat Chat Flat Chat 2.0
1 EDB exploit
NA
CVE-2006-5612
PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in GestArt beta 1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the aide parameter.
Michel Pradel Gestart Beta 1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »