Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-0330
Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the p parameter.
Wss-pro Scms 1
1 EDB exploit
7.5
CVSSv2
CVE-2009-0456
PHP remote file inclusion vulnerability in examples/example_clientside_javascript.php in patForms, as used in Sourdough 0.3.5, allows remote malicious users to execute arbitrary PHP code via a URL in the neededFiles[patForms] parameter.
Sourdough Sourdough 0.3.5
1 EDB exploit
7.5
CVSSv2
CVE-2009-0457
Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the m...
Magtrb Aja Portal 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-0495
PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote malicious users to execute arbitrary PHP code via a URL in the INC_DIR parameter.
It747 Realtor 747 4.11
1 EDB exploit
5.1
CVSSv2
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
6.8
CVSSv2
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
5
CVSSv2
CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote malicious users to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Php-sugar Php-sugar 0.80
1 EDB exploit
5
CVSSv2
CVE-2009-0826
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Bloghelper -
1 EDB exploit
5
CVSSv2
CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Pollhelper -
1 EDB exploit
7.5
CVSSv2
CVE-2009-0807
zFeeder 1.6 allows remote malicious users to gain administrative access via a direct request to admin.php.
Zfeeder Zfeeder 1.6
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »