Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evuln.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4503
Directory traversal vulnerability in link.php in NX5Linx 1.0 allows remote malicious users to read arbitrary files via the logo parameter.
Nx5 Nx5linx 1.0
NA
CVE-2006-0844
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote malicious users to bypass login authentication, probably by setting the blogAdmin cookie.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
Leif M. Wright Web Blog 3.5
NA
CVE-2006-0941
Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote malicious users to inject arbitrary web script or HTML via certain variables when posting new messages.
Cynical Games Shoutlive 1.1.0
NA
CVE-2006-0722
settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote malicious users to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) c...
Reamday Enterprises Magic Downloads 1.1.3
NA
CVE-2006-0723
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote malicious users to include arbitrary files via a URL in the php_script_path parameter.
Reamday Enterprises Magic News Lite 1.2.3
NA
CVE-2006-0729
SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote malicious users to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters.
Teca Scripts Teca Diary Personal 1.0
NA
CVE-2006-0776
Cross-site scripting (XSS) vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Teca Scripts Guestex 1.0
NA
CVE-2006-0777
Unspecified vulnerability in guestex.pl in Teca Scripts Guestex 1.0 allows remote malicious users to execute arbitrary shell commands via the email parameter, possibly involving shell metacharacters.
Teca Scripts Guestex 1.0
NA
CVE-2006-0780
Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in PerlBlog 1.09b and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) email parameters.
Perlblog Perlblog 1.08
Perlblog Perlblog 1.09
Perlblog Perlblog 1.09b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »