Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-4751
Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the errcode parameter.
Laurentiu Matei Expandable Home Page Cms 0.5.1
1 EDB exploit
4.3
CVSSv2
CVE-2006-4881
Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the replyuser parameter in (a) pm.php; (2) the txt_jumpto parameter in (b) dropdown.php; the ...
David Bennett Php-post
1 EDB exploit
5
CVSSv2
CVE-2006-4989
Patrick Michaelis Wili-CMS allows remote malicious users to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, w...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1849
Directory traversal vulnerability in 404.php in Drake CMS allows remote malicious users to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has...
Drake Team Drake Cms 0.3.7
Drake Team Drake Cms 0.3.7 Beta
1 EDB exploit
7.5
CVSSv2
CVE-2007-2257
PHP remote file inclusion vulnerability in subscp.php in Fully Modded phpBB2 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Fully Modded Phpbb Fully Modded Phpbb2
1 EDB exploit
6.8
CVSSv2
CVE-2008-1128
PHP remote file inclusion vulnerability in tourney/index.php in phpMyTourney 2 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Phpmytourney Phpmytourney 2
1 EDB exploit
7.5
CVSSv2
CVE-2005-3575
SQL injection vulnerability in show.php in Cyphor 0.19 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cynox Cyphor
2 EDB exploits
4.3
CVSSv2
CVE-2005-3544
Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Xmb Forum Xmb 1.9.3
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4