Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-8083
SQL injection vulnerability in the Search::setJsonAlert method in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Osclass Osclass
6.8
CVSSv2
CVE-2014-8085
Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct r...
Osclass Osclass
10
CVSSv2
CVE-2007-5452
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
Php-stats Php-stats 0.1.9.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-6543
SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Esyndicat Esyndicat Link Exchange
1 EDB exploit
7.5
CVSSv2
CVE-2007-6550
form.php in PMOS Help Desk 2.4 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to conduct eval injection attacks and execute arbitrary PHP code via the options array parameter.
Pmos Helpdesk Pmos Helpdesk
1 EDB exploit
5
CVSSv2
CVE-2007-6623
Absolute path traversal vulnerability in ZeusCMS 0.3 and previous versions might allow remote malicious users to list arbitrary directories via a full pathname in the dir parameter.
Zeuscms Zeuscms
1 EDB exploit
3.5
CVSSv2
CVE-2020-17373
SugarCRM prior to 10.1.0 (Q3 2020) allows SQL Injection.
Sugarcrm Sugarcrm
7.5
CVSSv2
CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and previous versions does not require administrative authentication for an addupdate action, which allows remote malicious users to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web ...
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.24
Phpicalendar Phpicalendar
1 EDB exploit
7.5
CVSSv2
CVE-2008-5968
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1...
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar
1 EDB exploit
6.8
CVSSv2
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »