Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6755
Ixprim 1.2 allows remote malicious users to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message.
Ixprim Ixprim Cms 1.2
1 EDB exploit
NA
CVE-2006-3385
Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters.
Vincent Leclercq News 5.2
1 EDB exploit
NA
CVE-2006-4601
SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Annuaire 1two 2.2
1 EDB exploit
NA
CVE-2007-3432
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote malicious users to upload and execute arbitrary PHP code via a .jpg filename.
Pluxml Pluxml 0.3.1
1 EDB exploit
NA
CVE-2009-0517
Eval injection vulnerability in index.php in phpSlash 0.8.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via the fields parameter, which is supplied to an eval function call within the generic function in include/class/tz_env.class. NOTE: so...
Phpslash Phpslash 0.7.2
Phpslash Phpslash 0.7.1
Phpslash Phpslash 0.6.1
Phpslash Phpslash 0.8.1
Phpslash Phpslash 065
Phpslash Phpslash 0.6
Phpslash Phpslash
Phpslash Phpslash 0.5.3.2
Phpslash Phpslash 0.6.2
Phpslash Phpslash 0.61
Phpslash Phpslash 0.8.0
1 EDB exploit
NA
CVE-2007-0205
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and previous versions allows remote malicious users to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for...
Alexphpteam Alex Guestbook 3.13
Alexphpteam Alex Guestbook 4.0.1
Alexphpteam Alex Guestbook 3.12
Alexphpteam Alex Guestbook 4.0.2
1 EDB exploit
NA
CVE-2007-1634
Variable extraction vulnerability in grab_globals.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote malicious users to conduct SQL injection attacks via the _FILES[DB][tmp_name] parameter to print.php, which overwrites the $DB variable with dynamic ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
NA
CVE-2007-1635
Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and previous versions allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a "ConfigSave" op to admin.php, which can later be accessed ...
Net Portal Dynamic System Net Portal Dynamic System
1 EDB exploit
NA
CVE-2007-1172
SQL injection vulnerability in nukesentinel.php in NukeSentinel 2.5.05, and possibly earlier, allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, aka the "File Disclosure Exploit."
Nukescripts Nukesentinel 2.5.05
1 EDB exploit
NA
CVE-2006-4478
SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote malicious users to execute arbitrary SQL commands via the groupname parameter.
Visualshapers Ezcontents 2.0.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »