Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hackers pal vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5293
Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote malicious users to inject arbitrary web script or HTML via the (1) err_msg parameter to error.php and the (2) content parameter to templates/simple/ia.php.
Idmos Idmos 1.0-beta
1 EDB exploit
NA
CVE-2007-2257
PHP remote file inclusion vulnerability in subscp.php in Fully Modded phpBB2 allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Fully Modded Phpbb Fully Modded Phpbb2
1 EDB exploit
NA
CVE-2007-1849
Directory traversal vulnerability in 404.php in Drake CMS allows remote malicious users to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has...
Drake Team Drake Cms 0.3.7
Drake Team Drake Cms 0.3.7 Beta
1 EDB exploit
NA
CVE-2006-5017
SQL injection vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote malicious users to execute arbitrary SQL commands via the from parameter.
E-vision E-vision Cms 1.0
1 EDB exploit
NA
CVE-2006-4836
SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote malicious users to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already...
Codeworx Technologies Dcp-portal Se 6.0
1 EDB exploit
NA
CVE-2006-4876
Multiple SQL injection vulnerabilities in Jupiter CMS allow remote malicious users to execute arbitrary SQL commands via (1) the user name during login, or the (2) key or (3) fpwusername parameters in modules/register.
Jupiter Cms Jupiter Cms
1 EDB exploit
NA
CVE-2006-4881
Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the replyuser parameter in (a) pm.php; (2) the txt_jumpto parameter in (b) dropdown.php; the ...
David Bennett Php-post
1 EDB exploit
NA
CVE-2006-4989
Patrick Michaelis Wili-CMS allows remote malicious users to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, w...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
NA
CVE-2006-4988
Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.php, and other unspec...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
NA
CVE-2006-4987
Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote malicious users to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) exam...
Patrick Michaelis Wili-cms 0.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »