Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cr4wl3r vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-4581
Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the admin parameter.
Roseonlinecms Roseonlinecms
1 EDB exploit
7.5
CVSSv2
CVE-2006-0087
SQL injection vulnerability in (1) pages.php and (2) detail.php in Lizard Cart CMS 1.04 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Lizard Cart Lizard Cart Cms 1.0.4
1 EDB exploit
4.3
CVSSv2
CVE-2010-0718
Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file.
Microsoft Windows Media Player 9
Microsoft Windows Media Player 11.0.5721.5145
1 EDB exploit
6.8
CVSSv2
CVE-2010-0958
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some o...
Thomas Perez Tribisur
Thomas Perez Tribisur 2.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-1945
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) action.class.php, (2) architecte.class.php, (3) avis.class.php...
Openmairie Openfoncier 2.00
1 EDB exploit
6.8
CVSSv2
CVE-2010-0966
PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the basePath parameter.
Dzcp Dev\\!l\\'z Clanportal 1.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2010-1046
Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) userid (username) and (2) password parameters.
Ryan Marshall Rostermain
1 EDB exploit
6.8
CVSSv2
CVE-2010-1053
Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters to (a) userlogin.php and (b) managerlogin.php....
Zentracking Zen Time Tracking
1 EDB exploit
6.8
CVSSv2
CVE-2010-1216
PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the content parameter. NOTE: some of these details are obtain...
Notsopureedit Notsopureedit
1 EDB exploit
5
CVSSv2
CVE-2010-1267
Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and previous versions allow remote malicious users to read arbitrary files via directory traversal sequences in the com parameter to (1) cContactus.php, (2) cGuestbook.php, and (3) cArticle.php.
Kjetiltroan Webmaid Cms
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »