Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4063
Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get...
Csaba Godor Sapid Blog Beta 2 Initial
4 EDB exploits
NA
CVE-2006-4962
Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and previous versions allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.
Blue Dragon Php Blue Dragon Platinum 2.8.0
Blue Dragon Php Blue Dragon Platinum 2.9.1
2 EDB exploits
NA
CVE-2007-3430
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote malicious users to execute arbitrary SQL commands via the submit parameter in an email action.
Simple Invoices Simple Invoices 2007-05-25
1 EDB exploit
NA
CVE-2009-0515
Directory traversal vulnerability in check_lang.php in Yet Another NOCC (YANOCC) 0.1.0 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Yanocc Yanocc
1 EDB exploit
NA
CVE-2007-0763
Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Autor field.
F3site F3site 2.1
1 EDB exploit
NA
CVE-2007-0764
Unrestricted file upload vulnerability in F3Site 2.1 and previous versions allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir param...
F3site F3site 2.1
1 EDB exploit
NA
CVE-2007-0804
Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 RC1 and previous versions allows remote malicious users to inject arbitrary PHP code into arbitrary files via ".." sequences in the subpageName parameter, as demonstrated by injecting PHP code into a...
Ggcms Ggcms 1.1.0 Rc1
1 EDB exploit
NA
CVE-2006-7112
Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and previous versions allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, t...
Maxdev Mdpro
1 EDB exploit
NA
CVE-2006-7169
PHP remote file inclusion vulnerability in includes/header_simple.php in Ultimate PHP Board (UPB) 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _CONFIG[skin_dir] parameter.
Ultimate Php Board Ultimate Php Board
1 EDB exploit
NA
CVE-2006-7183
PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the toroot parameter.
Photography-on-the-net Exhibit Engine 2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »