Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-1640
Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the BASE parameter to (1) language.php and (2) phpadmin/survey.php.
Classweb Classweb
1 EDB exploit
1000
VMScore
CVE-2007-1620
Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[DRIVER] p...
Php Db Designer Php Db Designer
1 EDB exploit
1000
VMScore
CVE-2007-1621
PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CV...
Lbstone Active Php Bookmark Notes
1 EDB exploit
1000
VMScore
CVE-2006-7173
Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and previous versions allows remote malicious users to execute arbitrary PHP code via a crafted option_new[report_w_day] parameter in a preferenze action, which can be later accessed via option/php-stat...
Php-stats Php-stats
1 EDB exploit
1000
VMScore
CVE-2007-1421
Multiple PHP remote file inclusion vulnerabilities in Premod SubDog 2 allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions_kb.php, (2) themen_portal_mitte.php, or (3) logger_engine.php in includes/.
Premod Subdog Premod Subdog 2
3 EDB exploits
1000
VMScore
CVE-2007-1416
PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote malicious users to execute arbitrary PHP code via a URL in the formurl parameter.
Jccorp Urlshrink 1.3.1
1 EDB exploit
1000
VMScore
CVE-2007-1393
PHP remote file inclusion vulnerability in mysave.php in Magic CMS 4.2.747 allows remote malicious users to execute arbitrary PHP code via a URL in the file parameter.
Geo Soft Magic Cms 4.2.747
1 EDB exploit
1000
VMScore
CVE-2007-1394
Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote malicious users to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third pa...
Flat Chat Flat Chat 2.0
1 EDB exploit
1000
VMScore
CVE-2007-1391
PHP remote file inclusion vulnerability in modules/abook/foldertree.php in Leo West WEBO (aka weborganizer) 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the baseDir parameter.
Webo Webo 1.0
1 EDB exploit
1000
VMScore
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and previous versions, as bundled with PHP 5.2.0 and 5.2.1, allows remote malicious users to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP i...
Php Php 5.2.0
Php Php 5.2.1
Pecl Zip 1.8.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »