Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-4448
SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote malicious users to execute arbitrary SQL commands via the default_comment_display parameter in an update action.
Wikkawiki Wikkawiki 1.3.1
Wikkawiki Wikkawiki 1.3.2
1 EDB exploit
NA
CVE-2011-4450
Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote malicious users to read or delete arbitrary files via a non-initial .. (dot dot) in the file parameter, as demonstrated by the /../../wikka.config.php pathname in a do...
Wikkawiki Wikkawiki 1.3.1
Wikkawiki Wikkawiki 1.3.2
1 EDB exploit
NA
CVE-2011-4451
libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when the spam_logging option is enabled, allows remote malicious users to write arbitrary PHP code to the spamlog_path file via the User-Agent HTTP header in an addcomment request. NOTE: the vendor disputes this issue because the...
Wikkawiki Wikkawiki 1.3.2
Wikkawiki Wikkawiki 1.3.1
1 EDB exploit
NA
CVE-2011-4452
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote malicious users to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{i...
Wikkawiki Wikkawiki 1.3.2
Wikkawiki Wikkawiki 1.3.1
1 EDB exploit
8.8
CVSSv3
CVE-2012-1496
Local file inclusion in WebCalendar prior to 1.2.5.
Webcalendar Project Webcalendar
1 EDB exploit
7.2
CVSSv3
CVE-2011-4558
Tiki 8.2 and previous versions allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.
Tiki Tiki
1 EDB exploit
NA
CVE-2012-1002
SQL injection vulnerability in author/edit.php in OpenConf 4.x prior to 4.12 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Zakongroup Openconf 4.11
Zakongroup Openconf 4.02
Zakongroup Openconf 4.10
Zakongroup Openconf 4.00
Zakongroup Openconf 4.01
1 EDB exploit
9.8
CVSSv3
CVE-2013-1465
The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 up to and including 5.2.0 allows remote malicious users to unserialize arbitrary PHP objects via a crafted shipping parameter, as demonstrated by modifying the application configuration using the Config ...
Cubecart Cubecart
1 EDB exploit
NA
CVE-2013-1453
plugins/system/highlight/highlight.php in Joomla! 3.0.x up to and including 3.0.2 and 2.5.x up to and including 2.5.8 allows malicious users to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and poss...
Joomla Joomla\\! 3.0.1
Joomla Joomla\\! 3.0.2
Joomla Joomla\\! 2.5.6
Joomla Joomla\\! 2.5.7
Joomla Joomla\\! 2.5.0
Joomla Joomla\\! 2.5.1
Joomla Joomla\\! 2.5.8
Joomla Joomla\\! 3.0.0
Joomla Joomla\\! 2.5.4
Joomla Joomla\\! 2.5.5
Joomla Joomla\\! 2.5.2
Joomla Joomla\\! 2.5.3
1 EDB exploit
NA
CVE-2013-3528
Unspecified vulnerability in the update check in Vanilla Forums prior to 2.0.18.8 has unspecified impact and remote attack vectors, related to "object injection."
Vanillaforums Vanilla 2.0.18.4
Vanillaforums Vanilla 2.0.18.3
Vanillaforums Vanilla 2.0.18
Vanillaforums Vanilla 2.0.17.10
Vanillaforums Vanilla 2.0.17.8
Vanillaforums Vanilla 2.0.14
Vanillaforums Vanilla 2.0.13
Vanillaforums Vanilla 2.0.5
Vanillaforums Vanilla 2.0.4
Vanillaforums Vanilla 2.0.18.6
Vanillaforums Vanilla 2.0.18.5
Vanillaforums Vanilla 2.0.17.1
Vanillaforums Vanilla 2.0.17
Vanillaforums Vanilla 2.0.16.1
Vanillaforums Vanilla 2.0.15
Vanillaforums Vanilla 2.0.7
Vanillaforums Vanilla 2.0.6
Vanillaforums Vanilla
Vanillaforums Vanilla 2.0.17.2
Vanillaforums Vanilla 2.0.17.3
Vanillaforums Vanilla 2.0.17.7
Vanillaforums Vanilla 2.0.16
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »