Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2007-2157
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Zomplog Zomplog 3.8
1 EDB exploit
7.8
CVSSv2
CVE-2007-2507
Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the item parameter.
Treble Designs 1024 Cms 0.7
1 EDB exploit
7.8
CVSSv2
CVE-2007-2642
Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang2 parameter.
R2k R2k Gallery 1.7
1 EDB exploit
6.5
CVSSv2
CVE-2007-2647
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_...
Monalbum Monalbum 0.8.7
1 EDB exploit
7.5
CVSSv2
CVE-2007-3403
Unrestricted file upload vulnerability in upload.php in dreamLog (aka dreamblog) 0.5 allows remote malicious users to upload and execute arbitrary PHP code in uploads/images/ via the uploadedFile[] parameter.
Dreamlog Dreamlog 0.5
1 EDB exploit
7.5
CVSSv2
CVE-2007-2183
SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote malicious users to execute arbitrary SQL commands via the ring parameter.
Php-ring Webring System 0.9
1 EDB exploit
5
CVSSv2
CVE-2007-2184
Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the acc parameter.
Jchit Counter 1.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2005-1237
SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
China-on-site Flexphpnews
1 EDB exploit
10
CVSSv2
CVE-2007-1795
JCcorp URLshrink 1.3.1 allows remote malicious users to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Jccorp Urlshrink 1.3.1
1 EDB exploit
10
CVSSv2
CVE-2007-2715
Admin/users.php in Snaps! Gallery 1.4.4 allows remote malicious users to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
Snaps Gallery Snaps Gallery 1.4.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »