Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2006-5086
Blog Pixel Motion 2.1.1 allows remote malicious users to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but i...
Pixel Motion Pixel Motion Blog 2.1.1
1 EDB exploit
755
VMScore
CVE-2006-5259
PHP remote file inclusion vulnerability in param_editor.php in Compteur 2 allows remote malicious users to execute arbitrary PHP code via a URL in the folder parameter.
Compteur Compteur 2
1 EDB exploit
755
VMScore
CVE-2006-5314
PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote malicious users to execute arbitrary PHP code via a URL in the mostrar parameter.
Phplibre Tribunalibre 3.12 Beta
1 EDB exploit
755
VMScore
CVE-2007-0971
Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other ...
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
755
VMScore
CVE-2007-0972
Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote malicious users to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related...
Jupiter Cms Jupiter Cms 1.1.5
1 EDB exploit
905
VMScore
CVE-2007-1635
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
755
VMScore
CVE-2006-6849
administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote malicious users to perform unauthorized administrative actions.
Cahier De Textes Cahier De Textes 2.2
1 EDB exploit
515
VMScore
CVE-2006-6756
The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote malicious users to gain access to the administration panel via a brute force attack.
Ixprim Ixprim Cms 1.2
1 EDB exploit
755
VMScore
CVE-2007-1963
SQL injection vulnerability in the create_session function in class_session.php in MyBB (aka MyBulletinBoard) 1.2.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, as utilized by index.php, a related issue to CV...
Mybb Mybb
Mybulletinboard Mybulletinboard
1 EDB exploit
755
VMScore
CVE-2007-3432
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote malicious users to upload and execute arbitrary PHP code via a .jpg filename.
Pluxml Pluxml 0.3.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »