Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
itsecteam vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0967
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the style parameter to (1) colorvoid/footer.php, (2) default-gree...
Geekhelps Admp 1.01
1 EDB exploit
NA
CVE-2010-0968
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote malicious users to execute arbitrary SQL commands via the click parameter.
Geekhelps Admp 1.01
1 EDB exploit
NA
CVE-2010-0971
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/g...
Atutor Atutor 1.6.4
1 EDB exploit
NA
CVE-2010-1042
Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown;...
Microsoft Windows Media Player 11.0.5721.5145
Microsoft Windows Media Player 11.0.6000.6324
Microsoft Windows Media Player 11
1 EDB exploit
NA
CVE-2010-1057
Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a ..// (dot dot slash slash) in the LANG_CODE parameter to common.inc.php ...
Phpkobo Adfreely 1.01
1 EDB exploit
NA
CVE-2010-5083
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote malicious users to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
Phpnuke Php-nuke 8.0
Phpnuke Web Links Module -
1 EDB exploit
NA
CVE-2010-2677
PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the IP parameter. NOTE: some of these details ar...
Openwebanalytics Open Web Analytics 1.2.3
1 EDB exploit
NA
CVE-2010-2676
Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote malicious users to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters.
Openwebanalytics Open Web Analytics 1.2.3
1 EDB exploit
NA
CVE-2010-1351
Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _nodesforum_path_from_here_to_nodesforum_folder parameter to erase_user_data.php and...
Nodesforum Nodesforum 1.033
Nodesforum Nodesforum 1.045
1 EDB exploit
NA
CVE-2010-1528
PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the content parameter.
Uiga Proxy
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »