Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2146
The imagecomments function in classes.php in MiniGal b13 allow remote malicious users to inject arbitrary PHP code into a file in the thumbs/ directory via the (1) name or (2) email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely fr...
Minigal Minigal B13
1 EDB exploit
NA
CVE-2007-2154
PHP remote file inclusion vulnerability in services/samples/inclusionService.php in Cabron Connector 1.1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the CabronServiceFolder parameter.
Cabron Connector Cabron Connector
1 EDB exploit
NA
CVE-2007-2507
Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the item parameter.
Treble Designs 1024 Cms 0.7
1 EDB exploit
NA
CVE-2007-2642
Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote malicious users to read arbitrary files via a .. (dot dot) in the lang2 parameter.
R2k R2k Gallery 1.7
1 EDB exploit
NA
CVE-2007-2647
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_...
Monalbum Monalbum 0.8.7
1 EDB exploit
NA
CVE-2006-5612
PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in GestArt beta 1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via the aide parameter.
Michel Pradel Gestart Beta 1
1 EDB exploit
NA
CVE-2007-1795
JCcorp URLshrink 1.3.1 allows remote malicious users to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Jccorp Urlshrink 1.3.1
1 EDB exploit
NA
CVE-2008-0245
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadimage 1.0
Uploadscript Uploadscript 1.0
1 EDB exploit
NA
CVE-2008-0246
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote malicious users to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
Uploadscript Uploadscript 1.0
Uploadscript Uploadimage 1.0
1 EDB exploit
NA
CVE-2007-1394
Direct static code injection vulnerability in startsession.php in Flat Chat 2.0 allows remote malicious users to execute arbitrary PHP code via the Chat Name field, which is inserted into online.txt and included by users.php. NOTE: some of these details are obtained from third pa...
Flat Chat Flat Chat 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »