Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-4502
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote malicious users to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.func.php, (3) DFF_me...
Datafeedfile Dff Framework Api
1 EDB exploit
10
CVSSv2
CVE-2008-4439
PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio prior to 1.6.3 allows remote malicious users to execute arbitrary PHP code via a URL in the INSTALL_FOLDER parameter. NOTE: the provenance of this information is unknown; the details are ...
Martinwood Datafeed Studio
1 EDB exploit
10
CVSSv2
CVE-2008-4428
Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-l...
Phlatline Personal Information Manager
3 EDB exploits
10
CVSSv2
CVE-2008-4358
Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition prior to 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.
Spaw Editor Spaw Php 2.0.6
Spaw Editor Spaw Php 2.0.4
Spaw Editor Spaw Php 2.0.1
Spaw Editor Spaw Php 1.1
Spaw Editor Spaw Php 1.0.3
Spaw Editor Spaw Php 2.0.4.1
Spaw Editor Spaw Php 2.0.7
Spaw Editor Spaw Php 1.0.6
Spaw Editor Spaw Php 1.2.1
Spaw Editor Spaw Php 2.0.0
Spaw Editor Spaw Php 1.2
Spaw Editor Spaw Php 1.0.1
Spaw Editor Spaw Php 1.0.2
Spaw Editor Spaw Php 1.0.4
Spaw Editor Spaw Php 1.0.5
Spaw Editor Spaw Php
Spaw Editor Spaw Php 2.0.2
Spaw Editor Spaw Php 1.0.5a
Spaw Editor Spaw Php 1.0
Spaw Editor Spaw Php 1.2.2
Spaw Editor Spaw Php 1.2.3
Spaw Editor Spaw Php 2.0.5
10
CVSSv2
CVE-2008-4329
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the oe_classpath parameter.
Openengine Openengine 1.9 Beta2
Openengine Openengine 1.8 Beta2
Openengine Openengine 1.7.1
Openengine Openengine 1.9 Beta1
Openengine Openengine 1.9 Beta3
Openengine Openengine
1 EDB exploit
10
CVSSv2
CVE-2008-4138
PHP remote file inclusion vulnerability in skin_shop/standard/3_plugin_twindow/twindow_notice.php in TECHNOTE 7 allows remote malicious users to execute arbitrary PHP code via a URL in the shop_this_skin_path parameter.
Technote Technote 7
1 EDB exploit
10
CVSSv2
CVE-2008-3737
Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and previous versions and (2) SpaceTag LacoodaST 2.1.3 and previous versions allows remote malicious users to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...
Spacetag Lacoodast
System Consultants La Cooda Wiz
10
CVSSv2
CVE-2008-3455
PHP remote file inclusion vulnerability in include/admin.php in JnSHosts PHP Hosting Directory 2.0 allows remote malicious users to execute arbitrary PHP code via a URL in the rd parameter.
Jnshosts Php Hosting Directory 2.0
1 EDB exploit
10
CVSSv2
CVE-2008-2888
Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[application][app_root] parameter to (1) collection.class.php and (2) content_image.class.php i...
Migcms Migcms 2.0.5
1 EDB exploit
10
CVSSv2
CVE-2008-2689
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
Browsercrm Browsercrm 5.002.00
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »