Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6856
Direct static code injection vulnerability in WebText CMS 0.4.5.2 and previous versions allows remote malicious users to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request...
Webtext Webtext
1 EDB exploit
NA
CVE-2006-6938
Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed prior to 2006, allows remote malicious users to include arbitrary files via ".." sequences in the root parameter.
Nitrotech Nitrotech 0.0.3a
1 EDB exploit
NA
CVE-2006-5257
PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the module_cache_path parameter.
Ciamos Ciamos Cms
1 EDB exploit
NA
CVE-2006-5510
Directory traversal vulnerability in explorer_load_lang.php in PH Pexplorer 0.24 allows remote malicious users to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code.
Bluevirus-design Ph Pexplorer
1 EDB exploit
NA
CVE-2006-5511
Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0, when register_globals is enabled, allows remote malicious users to inject arbitrary web script, HTML, or PHP via the contents parameter, whose value is prepended to the file specified by the forum ...
Jaxultrabb Jaxultrabb 2.0
1 EDB exploit
NA
CVE-2006-5531
PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[path] parameter.
Ascended Development Ascended Guestbook
1 EDB exploit
NA
CVE-2007-0763
Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Autor field.
F3site F3site 2.1
1 EDB exploit
NA
CVE-2006-2768
PHP remote file inclusion vulnerability in METAjour 2.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the (1) system_path parameter in a large number of files in the (a) app/edocument/, (b) app/eproject/, (c) app/erek/, and (d)...
Ipw Systems Metajour 2.1
1 EDB exploit
NA
CVE-2006-2819
PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Igloo 0.1.9 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the c_node[class_path] parameter.
Barnraiser Igloo
1 EDB exploit
NA
CVE-2006-2995
Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php.
Webprojectdb Webprojectdb 0.1.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »