Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-2212
The getOrderByStatusUrlKey function in the Mage_Rss_Helper_Order class in app/code/core/Mage/Rss/Helper/Order.php in Magento Enterprise Edition prior to 1.14.2.3 and Magento Community Edition prior to 1.9.2.3 allows remote malicious users to obtain sensitive order information via...
Magento Magento
7.5
CVSSv2
CVE-2007-6656
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the templateid parameter.
Cmsmadesimple Cms Made Simple
1 EDB exploit
5
CVSSv2
CVE-2008-7154
Docebo 3.5.0.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class....
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-4053
SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the order parameter to new_images.php.
Linpha Linpha
1 EDB exploit
5
CVSSv2
CVE-2011-5147
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and previous versions allows remote malicious users to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a c...
Freewebshop Freewebshop 2.2.6
Freewebshop Freewebshop 2.2.5
Freewebshop Freewebshop
Freewebshop Freewebshop 2.2.9
Freewebshop Freewebshop 2.2.2
Freewebshop Freewebshop 2.2.1
Freewebshop Freewebshop 2.1
Freewebshop Freewebshop 2.2.3
Freewebshop Freewebshop 2.2.4
Freewebshop Freewebshop 2.2.7 Wip1 2
Freewebshop Freewebshop 2.2.7
1 EDB exploit
7.5
CVSSv2
CVE-2014-3990
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and previous versions allows remote malicious users to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted ser...
Opencart Opencart
7.5
CVSSv2
CVE-2008-3481
themes/sample/theme.php in Coppermine Photo Gallery (CPG) 1.4.18 and previous versions allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Coppermine-gallery Coppermine Photo Gallery 1.2.0
Coppermine-gallery Coppermine Photo Gallery 1.4.10
Coppermine-gallery Coppermine Photo Gallery 1.4.11
Coppermine-gallery Coppermine Photo Gallery 1.4.2
Coppermine-gallery Coppermine Photo Gallery 1.4.3
Coppermine-gallery Coppermine Photo Gallery 1.4.4
Coppermine-gallery Coppermine Photo Gallery
Coppermine-gallery Coppermine Photo Gallery 1.0
Coppermine-gallery Coppermine Photo Gallery 1.1
Coppermine-gallery Coppermine Photo Gallery 1.2.1
Coppermine-gallery Coppermine Photo Gallery 1.3.0
Coppermine-gallery Coppermine Photo Gallery 1.4.14
Coppermine-gallery Coppermine Photo Gallery 1.4.15
Coppermine-gallery Coppermine Photo Gallery 1.4.7
Coppermine-gallery Coppermine Photo Gallery 1.4.8
Coppermine-gallery Coppermine Photo Gallery 1.1.0
Coppermine-gallery Coppermine Photo Gallery 1.4.0
Coppermine-gallery Coppermine Photo Gallery 1.4.1
Coppermine-gallery Coppermine Photo Gallery 1.4.16
Coppermine-gallery Coppermine Photo Gallery 1.4.17
Coppermine-gallery Coppermine Photo Gallery 1.4.9
Coppermine-gallery Coppermine Photo Gallery 1.4
1 EDB exploit
6.5
CVSSv2
CVE-2015-7712
Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and previous versions allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.
Atutor Atutor
9.3
CVSSv2
CVE-2008-4453
The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5.7.0.1 allows remote malicious users to create, overwrite, and modify arbitrary f...
Dspicture Light Imaging Toolkit 4.7.1
Dspicture Pro Imaging Sdk 5.7.1
1 EDB exploit
9
CVSSv2
CVE-2008-4645
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and previous versions allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.
Phpwebgallery Phpwebgallery 1.4.1
Phpwebgallery Phpwebgallery 1.1
Phpwebgallery Phpwebgallery 1.5.0
Phpwebgallery Phpwebgallery 1.6.0
Phpwebgallery Phpwebgallery 1.6.2
Phpwebgallery Phpwebgallery 1.3.4
Phpwebgallery Phpwebgallery 1.6.1
Phpwebgallery Phpwebgallery 1.3.2
Phpwebgallery Phpwebgallery 1.3.3
Phpwebgallery Phpwebgallery 1.5.2
Phpwebgallery Phpwebgallery 1.5.1
Phpwebgallery Phpwebgallery 1.3.0
Phpwebgallery Phpwebgallery 1.4.0
Phpwebgallery Phpwebgallery 1.7.0
Phpwebgallery Phpwebgallery 1.0
Phpwebgallery Phpwebgallery 1.2.1
Phpwebgallery Phpwebgallery 1.3.1
Phpwebgallery Phpwebgallery
Phpwebgallery Phpwebgallery 1.7.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »