Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-5318
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in ...
Kishore Asokan Kish Guest Posting Plugin 1.2
1 EDB exploit
NA
CVE-2014-8083
SQL injection vulnerability in the Search::setJsonAlert method in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Osclass Osclass
NA
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
NA
CVE-2014-8085
Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct r...
Osclass Osclass
NA
CVE-2008-5968
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1...
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar
1 EDB exploit
NA
CVE-2014-5298
FileUploadsFilter.php in X2Engine 4.1.7 and previous versions, when running on case-insensitive file systems, allows remote malicious users to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains u...
X2engine X2engine
NA
CVE-2012-5223
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and previous versions allows remote malicious users to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted ...
Crawlability Vbseo 3.5.0
Crawlability Vbseo 3.3.0
Crawlability Vbseo 3.0.0
Crawlability Vbseo 2.3.0
Crawlability Vbseo 2.2.0
Crawlability Vbseo 3.1.0
Crawlability Vbseo 3.5.1
Crawlability Vbseo 3.6.0
Crawlability Vbseo 3.2.0
Crawlability Vbseo 2.0.0
Crawlability Vbseo
Crawlability Vbseo 3.5.2
Crawlability Vbseo 2.4.5
Crawlability Vbseo 2.4.0
Crawlability Vbseo 3.3.1
Crawlability Vbseo 2.1.1
Crawlability Vbseo 2.1.0
1 EDB exploit
NA
CVE-2009-0820
Multiple eval injection vulnerabilities in phpScheduleIt prior to 1.2.11 allow remote malicious users to execute arbitrary code via (1) the end_date parameter to reserve.php and (2) the start_date and end_date parameters to check.php. NOTE: the start_date/reserve.php vector is al...
Php.brickhost Phpscheduleit 1.0
Php.brickhost Phpscheduleit 1.0.0rc1
Php.brickhost Phpscheduleit 1.0 Rc1
Php.brickhost Phpscheduleit 1.2.0
Php.brickhost Phpscheduleit 1.2.7
Php.brickhost Phpscheduleit 1.2.9
Php.brickhost Phpscheduleit 1.2.2
Php.brickhost Phpscheduleit 1.2.3
Php.brickhost Phpscheduleit 1.2.4
Php.brickhost Phpscheduleit 1.2.5
Php.brickhost Phpscheduleit 1.2.1
Php.brickhost Phpscheduleit 1.2.6
Php.brickhost Phpscheduleit 1.2.8
Php.brickhost Phpscheduleit
1 EDB exploit
NA
CVE-2013-2749
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3528. Reason: This candidate is a reservation duplicate of CVE-2013-3528. Notes: All CVE users should reference CVE-2013-3528 instead of this candidate. All references and descriptions in this candidate have ...
1 EDB exploit
NA
CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and previous versions does not require administrative authentication for an addupdate action, which allows remote malicious users to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web ...
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.24
Phpicalendar Phpicalendar
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »