Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-6178
Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote malicious users to execute arbitrary code by creating a file with PHP sequences preceded by...
Phplist Phplist 2.10.1
Fckeditor Fckeditor 2.4.3
Phplist Phplist 2.10.5
Phplist Phplist 2.10.4
Fckeditor Fckeditor 2.3beta
Fckeditor Fckeditor 2.0rc2
Fckeditor Fckeditor 2.0rc3
Fckeditor Fckeditor 2.2
Phplist Phplist 2.10.3
Phplist Phplist 2.10.2
Phplist Phplist 2.10.6
2 EDB exploits
6.5
CVSSv2
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Claydip Airbnb Clone 1.0
1 EDB exploit
5
CVSSv2
CVE-2007-1149
Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI.
Lovecms Lovecms 1.4
2 EDB exploits
6.4
CVSSv2
CVE-2007-4047
geoBlog (aka BitDamaged) 1 does not require authentication for (1) deletecomment.php, (2) deleteblog.php, and (3) listcomment.php in admin/, which allows remote malicious users to delete arbitrary comments, delete arbitrary blogs, and have other unspecified impact via a request w...
Geoblog Geoblog 1
2 EDB exploits
5
CVSSv2
CVE-2005-3507
Directory traversal vulnerability in CuteNews 1.4.1 allows remote malicious users to include arbitrary files, execute code, and gain privileges via "../" sequences in the template parameter to (1) show_archives.php and (2) show_news.php.
Cutephp Cutenews
2 EDB exploits
6.8
CVSSv2
CVE-2009-4819
Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote malicious users to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double extension, then accessing it via a direct request to the file in albums/userpic...
Stoverud Phphotoalbum 0.5
Stoverud Phphotoalbum 0.4
Stoverud Phphotoalbum 0.3
1 EDB exploit
7.5
CVSSv2
CVE-2004-1456
filediff in CVStrac allows remote malicious users to execute arbitrary commands via shell metacharacters in rcsinfo.
Cvstrac Cvstrac 1.1.3
Cvstrac Cvstrac 1.1
Cvstrac Cvstrac 1.1.1
Cvstrac Cvstrac 1.1.2
1 EDB exploit
NA
CVE-2012-2344
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5099. Reason: This candidate is a duplicate of CVE-2010-5099. Notes: All CVE users should reference CVE-2010-5099 instead of this candidate. All references and descriptions in this candidate have been removed...
1 EDB exploit
6.5
CVSSv2
CVE-2005-4423
Unrestricted file upload vulnerability in PHPFM prior to 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell.&q...
1 EDB exploit
6.8
CVSSv2
CVE-2010-5099
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 does not properly filter file types, which allows remote malicious users to bypass intended access restrictions and access arb...
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.8
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »