Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost hacker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4751
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote malicious users to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597.
Epistream Ipei Guestbook 2.0
1 EDB exploit
NA
CVE-2008-6305
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
Freedirectoryscript Free Directory Script 1.1.1
1 EDB exploit
NA
CVE-2008-3293
Directory traversal vulnerability in download.php in EZWebAlbum allows remote malicious users to read arbitrary files via the dlfilename parameter.
Ezwebalbum Ezwebalbum 1.0
1 EDB exploit
NA
CVE-2008-4737
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via the dom parameter.
Noc2 Whodomlite 1.1.3
1 EDB exploit
NA
CVE-2008-7087
PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the LIBPATH parameter.
Openpro Openpro 1.3.1
1 EDB exploit
NA
CVE-2008-3127
PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the hm parameter.
Hiox India Banner Rotator 1.3
1 EDB exploit
NA
CVE-2008-3183
PHP remote file inclusion vulnerability in ktmlpro/includes/ktedit/toolbar.php in gapicms 9.0.2 allows remote malicious users to execute arbitrary PHP code via a URL in the dirDepth parameter.
Gapi Cms Gapicms 9.0.2
1 EDB exploit
NA
CVE-2008-5572
Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for database/downloads.mdb.
Dotnetindex Professional Download Assistant 0.1
1 EDB exploit
NA
CVE-2008-5596
Ikon AdManager 2.1 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for ikonBAnner_AdManager.mdb.
Dotnetindex Ikon Admanager
1 EDB exploit
NA
CVE-2008-5606
Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for qmail.mdb.
Gazatem Technologies Qmail Mailing List Manager 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »