Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5320
Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote malicious users to read arbitrary files via the img parameter.
Morian Album Photo Sans Nom 1.6
1 EDB exploit
NA
CVE-2007-1963
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CV...
Mybulletinboard Mybulletinboard
Mybb Mybb
1 EDB exploit
NA
CVE-2007-5913
dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and previous versions does not require authentication, which allows remote malicious users to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name an...
Jean Charles Jbc Explorer
1 EDB exploit
NA
CVE-2006-3385
Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters.
Vincent Leclercq News 5.2
1 EDB exploit
NA
CVE-2006-5314
PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote malicious users to execute arbitrary PHP code via a URL in the mostrar parameter.
Phplibre Tribunalibre 3.12 Beta
1 EDB exploit
NA
CVE-2006-5316
registroTL stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for /usuarios.dat.
Phplibre Registrotl 0.1b
Phplibre Registrotl 0.5b
1 EDB exploit
NA
CVE-2007-1171
SQL injection vulnerability in includes/nsbypass.php in NukeSentinel 2.5.05, 2.5.11, and other versions prior to 2.5.12 allows remote malicious users to execute arbitrary SQL commands via an admin cookie.
Nukescripts Nukesentinel
1 EDB exploit
NA
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
NA
CVE-2006-5086
Blog Pixel Motion 2.1.1 allows remote malicious users to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but i...
Pixel Motion Pixel Motion Blog 2.1.1
1 EDB exploit
NA
CVE-2007-1254
SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and previous versions allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.
Connectix Connectix Boards 0.5
Connectix Connectix Boards 0.4.2
Connectix Connectix Boards 0.4
Connectix Connectix Boards 0.4.3
Connectix Connectix Boards 0.7
Connectix Connectix Boards 0.5.4
Connectix Connectix Boards 0.5.3
Connectix Connectix Boards 0.5.1
Connectix Connectix Boards 0.6.1
Connectix Connectix Boards 0.5.2
Connectix Connectix Boards 0.4.4
Connectix Connectix Boards 0.4.1
Connectix Connectix Boards 0.5.5
Connectix Connectix Boards 0.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »