Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3639
PHP file inclusion vulnerability in the osTicket module in Help Center Live prior to 2.0.3 allows remote malicious users to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability.
Ubertec Help Center Live
1 EDB exploit
NA
CVE-2008-1128
PHP remote file inclusion vulnerability in tourney/index.php in phpMyTourney 2 allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Phpmytourney Phpmytourney 2
1 EDB exploit
NA
CVE-2007-1849
Directory traversal vulnerability in 404.php in Drake CMS allows remote malicious users to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has...
Drake Team Drake Cms 0.3.7 Beta
Drake Team Drake Cms 0.3.7
1 EDB exploit
NA
CVE-2006-4751
Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote malicious users to inject arbitrary web script or HTML via the errcode parameter.
Laurentiu Matei Expandable Home Page Cms 0.5.1
1 EDB exploit
NA
CVE-2006-4836
SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already...
Codeworx Technologies Dcp-portal Se 6.0
1 EDB exploit
NA
CVE-2006-4877
Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and previous versions allows remote malicious users to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the table_prefix parameter in (1) index.php, (...
David Bennett Php-post
1 EDB exploit
NA
CVE-2005-3575
SQL injection vulnerability in show.php in Cyphor 0.19 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cynox Cyphor
2 EDB exploits
NA
CVE-2005-3544
Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote malicious users to inject arbitrary web script or HTML via the username parameter.
Xmb Forum Xmb 1.9.3
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4