Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gold_m vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6214
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the databas...
Learnloop Learnloop 2.0 Beta7
1 EDB exploit
NA
CVE-2007-6221
TuMusika Evolution 1.7R5 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tumusika Evolution Tumusika Evolution 1.7r5
1 EDB exploit
NA
CVE-2009-4627
Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614.
Dan Brown Moa Gallery 1.2.0
1 EDB exploit
NA
CVE-2007-2677
Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.p...
Phpchess Phpchess 2.0
1 EDB exploit
NA
CVE-2008-6651
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote malicious users to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.
Oxyproject Oxybox 0.85
1 EDB exploit
NA
CVE-2007-1801
Directory traversal vulnerability in inc/lang.php in sBLOG 0.7.3 Beta allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the conf_lang_default parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, ...
Sblog Sblog 0.7.3 Beta
1 EDB exploit
NA
CVE-2007-1842
Directory traversal vulnerability in login.php in JSBoard prior to 2.0.12 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a relate...
Jsboard Jsboard
1 EDB exploit
NA
CVE-2008-0794
Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
Affiliate Market Affiliate Market 0.1 Beta
1 EDB exploit
NA
CVE-2007-0171
PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the AML_opensite parameter.
Allmylinks Project Allmylinks
1 EDB exploit
NA
CVE-2007-2091
PHP remote file inclusion vulnerability in blocks/tsdisplay4xoops_block2.php in tsdisplay4xoops (TSD4XOOPS, aka the TeamSpeak display module) 0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the xoops_url parameter.
Tsdisplay4xoops Tsdisplay4xoops 0.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »