Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4453
The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5.7.0.1 allows remote malicious users to create, overwrite, and modify arbitrary f...
Dspicture Light Imaging Toolkit 4.7.1
Dspicture Pro Imaging Sdk 5.7.1
1 EDB exploit
NA
CVE-2008-7154
Docebo 3.5.0.3 and previous versions allows remote malicious users to obtain sensitive information via a direct request to (1) class/class.conf_fw.php, (2) class.module/class.event_manager.php, (3) lib/lib.domxml5.php, or (4) menu/menu_over.php in doceboCore/; or (5) class/class....
Docebo Docebo 3.5 Beta
Docebo Docebo
Docebo Docebo 3.0.3
Docebo Docebo 3.0.5
Docebo Docebo 3.0.4
1 EDB exploit
NA
CVE-2007-5452
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
Php-stats Php-stats 0.1.9.2
1 EDB exploit
NA
CVE-2007-5453
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the _options table, which is used in an eval function call by (1) admin.php, (2) click.php,...
Php-stats Php-stats 0.1.9.2
1 EDB exploit
NA
CVE-2008-6475
SQL injection vulnerability in the guestbook component (components/guestbook/guestbook.php) in Drake CMS 0.4.11 and previous versions allows remote malicious users to execute arbitrary SQL commands via the Via HTTP header (HTTP_VIA) to index.php.
Drake Team Drake Cms
Drake Team Drake Cms 0.2
1 EDB exploit
NA
CVE-2008-6490
function/update_xml.php in FLABER 1.1 and previous versions allows remote malicious users to overwrite arbitrary files by specifying the target filename in the target_file parameter. NOTE: this can be leveraged for code execution by overwriting a PHP file, as demonstrated using f...
Flysforum Flaber
1 EDB exploit
5.3
CVSSv3
CVE-2021-26598
ImpressCMS prior to 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).
Impresscms Impresscms
9.8
CVSSv3
CVE-2021-26599
ImpressCMS prior to 1.4.3 allows include/findusers.php groups SQL Injection.
Impresscms Impresscms
NA
CVE-2012-5692
Unspecified vulnerability in admin/sources/base/core.php in Invision Power Board (aka IPB or IP.Board) 3.1.x up to and including 3.3.x has unknown impact and remote attack vectors.
Invisionpower Invision Power Board 3.1.4
Invisionpower Invision Power Board 3.2.0
Invisionpower Invision Power Board 3.2.1
Invisionpower Invision Power Board 3.2.2
Invisioncommunity Invision Power Board 3.3.0
Invisioncommunity Invision Power Board 3.1.2
Invisionpower Invision Power Board 3.1.1
Invisionpower Invision Power Board 3.1.0
Invisionpower Invision Power Board 3.1.3
3 EDB exploits
8.8
CVSSv3
CVE-2023-35808
An issue exists in SugarCRM Enterprise prior to 11.0.6 and 12.x prior to 12.0.3. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using crafted requests, custom PHP code can be injected and executed through the Notes module because of missing ...
Sugarcrm Sugarcrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »