Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beyazkurt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2743
PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote malicious users to execute arbitrary PHP code via a URL in the sys[path_addon] parameter.
Glossword Glossword 1.8.1
1 EDB exploit
NA
CVE-2007-1445
SQL injection vulnerability in the heme preview feature for default.asp in BP Blog 7.0 up to and including 7.0.2 allows remote malicious users to execute arbitrary SQL commands via the layout parameter.
Betaparticle Betaparticle Blog 7.0
Betaparticle Betaparticle Blog
1 EDB exploit
NA
CVE-2008-6782
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Hosting Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Hosting Directory
1 EDB exploit
NA
CVE-2008-5922
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Cant Find A Gaming CMS (CFAGCMS) 1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) main and (2) right parameters.
Cfagcms Cfagcms 1.0
1 EDB exploit
NA
CVE-2008-1042
Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the content parameter.
Linux Web Shop Php Download Manager
1 EDB exploit
NA
CVE-2008-6118
win/content/upload.php in Goople CMS 1.7 allows remote malicious users to bypass authentication and gain administrative access by setting the loggedin cookie to 1.
Goople Cms Goople Cms 1.7
2 EDB exploits
NA
CVE-2008-6781
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) Gaming Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Gaming Directory
2 EDB exploits
NA
CVE-2008-4425
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote malicious users to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
Phlatline Personal Information Manager 1.0
3 EDB exploits
NA
CVE-2008-4426
Cross-site scripting (XSS) vulnerability in events.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote malicious users to inject arbitrary web script or HTML via the date parameter in a new action.
Phlatline Personal Information Manager 1.0
3 EDB exploits
NA
CVE-2008-4427
changepassword.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions does not require administrative authentication, which allows remote malicious users to change arbitrary passwords.
Phlatline Personal Information Manager
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »