Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1401
Buffer overflow in the crack extension (CrackLib), as bundled with PHP 4.4.6 and other versions prior to 5.0.0, might allow local users to gain privileges via a long argument to the crack_opendict function.
Php Php 4.4.6
1 EDB exploit
NA
CVE-2007-1412
The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 allows context-dependent malicious users to obtain sensitive information (script source code) via a long string in the second argument.
Php Php 4.4.6
1 EDB exploit
NA
CVE-2005-2956
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote malicious users to obtain user chat conversations via direct requests to those files.
Adaptive Technology Resource Centre Atutor 1.5.1
1 EDB exploit
NA
CVE-2005-3010
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and previous versions allows remote malicious users to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.
Cutephp Cutenews
1 EDB exploit
NA
CVE-2005-3048
Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote malicious users to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which also allows direct code injection via the User Agent field in a request packet...
Phpmyfaq Phpmyfaq 1.5.1
1 EDB exploit
NA
CVE-2005-3063
SQL injection vulnerability in MailGust 1.9 allows remote malicious users to execute arbitrary SQL commands via the email field on the password reminder page.
Unu Networks Mailgust 1.9
1 EDB exploit
NA
CVE-2005-2792
Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter.
Phpldapadmin Project Phpldapadmin 0.9.6
Phpldapadmin Project Phpldapadmin 0.9.7
1 EDB exploit
NA
CVE-2009-4115
Multiple static code injection vulnerabilities in the Categories module in CutePHP CuteNews 1.4.6 allow remote authenticated users with application administrative privileges to inject arbitrary PHP code into data/category.db.php via the (1) category and (2) Icon URL fields; or (3...
Cutephp Cutenews 1.4.6
1 EDB exploit
NA
CVE-2006-2889
Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and previous versions allow remote malicious users to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via the (1) category or (2) archivedate parameter.
Pixelpost Pixelpost
1 EDB exploit
NA
CVE-2006-3065
SQL injection vulnerability in engine/shards/blog.php in blur6ex 0.3.462 allows remote malicious users to execute arbitrary SQL commands via the ID parameter in a proc_reply action in the blog shard. NOTE: This is a similar vulnerability to CVE-2006-1763, but the affected code an...
Blursoft Blur6ex 0.3.462
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »