Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2015-7712
Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and previous versions allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.
Atutor Atutor
668
VMScore
CVE-2015-7815
Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik prior to 2.15.0 allows remote malicious users to include and execute arbitrary local files via the viewDataTable parameter.
Matomo Matomo
605
VMScore
CVE-2015-8379
CakePHP 2.x and 3.x prior to 3.1.5 might allow remote malicious users to bypass the CSRF protection mechanism via the _method parameter.
Cakephp Cakephp 3.1.1
Cakephp Cakephp 3.1.0
Cakephp Cakephp 3.0.11
Cakephp Cakephp 3.0.10
Cakephp Cakephp 3.0.3
Cakephp Cakephp 3.0.2
Cakephp Cakephp 3.0.0
Cakephp Cakephp 2.7.7
Cakephp Cakephp 2.7.6
Cakephp Cakephp 2.7.0
Cakephp Cakephp 2.6.12
Cakephp Cakephp 2.6.5
Cakephp Cakephp 2.6.4
Cakephp Cakephp 2.5.8
Cakephp Cakephp 2.5.7
Cakephp Cakephp 2.5.0
Cakephp Cakephp 2.4.6
Cakephp Cakephp 2.4.5
Cakephp Cakephp 2.4.4
Cakephp Cakephp 2.4.0
Cakephp Cakephp 2.3.10
Cakephp Cakephp 2.3.3
855
VMScore
CVE-2007-5453
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php,...
Php-stats Php-stats 0.1.9.2
1 EDB exploit
685
VMScore
CVE-2013-3212
vtiger CRM 5.4.0 and previous versions contain local file-include vulnerabilities in 'customerportal.php' which allows remote malicious users to view files and execute local script code.
Vtiger Vtiger Crm
1 EDB exploit
578
VMScore
CVE-2014-9752
Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor prior to 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension as a customicon for a new course, then accessing it via a dir...
Atutor Atutor
668
VMScore
CVE-2014-8083
SQL injection vulnerability in the Search::setJsonAlert method in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary SQL commands via the alert parameter in a search alert subscription action.
Osclass Osclass
668
VMScore
CVE-2014-8084
Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass prior to 3.4.3 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the ajaxfile parameter in a custom action.
Osclass Osclass
605
VMScore
CVE-2014-8085
Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct r...
Osclass Osclass
685
VMScore
CVE-2009-1911
Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and previous versions, as used in TinyWebGallery (TWG) 1.7.6 and previous versions, allows remote malicious users to include and execute arbitrary local files via a .. (dot do...
Tinywebgallery Tinywebgallery 1.7.5.1
Tinywebgallery Tinywebgallery 1.7.5
Tinywebgallery Tinywebgallery 1.7.3.3
Tinywebgallery Tinywebgallery 1.7.3.2
Tinywebgallery Tinywebgallery 1.6.2
Tinywebgallery Tinywebgallery 1.6.1
Tinywebgallery Tinywebgallery 1.5.2.1 20.09.2006 1000
Tinywebgallery Tinywebgallery 1.5.2 17.09.2006 1000
Tinywebgallery Tinywebgallery 1.7.4.5
Tinywebgallery Tinywebgallery 1.7.4.4
Tinywebgallery Tinywebgallery 1.7.3.1
Tinywebgallery Tinywebgallery 1.7.3-12.05.2008
Tinywebgallery Tinywebgallery 1.6
Tinywebgallery Tinywebgallery 1.5.5 30.10.2006 2200
Tinywebgallery Tinywebgallery 1.5.1 03.09.2006
Tinywebgallery Tinywebgallery 1.5.0.2 17.08.2006
Tinywebgallery Tinywebgallery 1.4.0.4
Tinywebgallery Tinywebgallery 1.4.0.3
Tinywebgallery Tinywebgallery 1.1.2
Tinywebgallery Tinywebgallery 1.1.1
Tinywebgallery Tinywebgallery 1.4.1.1
Tinywebgallery Tinywebgallery 1.4.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »