Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
katatafish vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2736
PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the config_atkroot parameter.
Achievo Achievo 1.1.0
1 EDB exploit
NA
CVE-2007-4726
Directory traversal vulnerability in Web Oddity 0.09b allows remote malicious users to read arbitrary files via a .. (dot dot) in the URI.
Weboddity Weboddity 0.09b
1 EDB exploit
NA
CVE-2007-3431
PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote malicious users to execute arbitrary PHP code via a URL in the dir_edge_lang parameter.
Valerio Capello Dagger - The Cutting Edge R23jan2007
1 EDB exploit
NA
CVE-2007-3505
Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php.
Qt-cute Quicktalk Forum 1.3
1 EDB exploit
NA
CVE-2006-6035
Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the FADDR parameter.
F-art Agency Blog Cms
1 EDB exploit
NA
CVE-2007-5446
Absolute path traversal vulnerability in a certain ActiveX control in PBEmail7Ax.dll in PBEmail 7 ActiveX Edition allows remote malicious users to create or overwrite arbitrary files via a full pathname in the XmlFilePath argument to the SaveSenderToXml method.
Perfection Bytes Pbemail 7.0
1 EDB exploit
NA
CVE-2007-3547
Directory traversal vulnerability in qti_checkname.php in QuickTicket 1.2 allows remote malicious users to include and execute arbitrary local files a .. (dot dot) in the lang parameter.
Qt-cute Quickticket 1.2
1 EDB exploit
NA
CVE-2007-3402
SQL injection vulnerability in index.php in pagetool 1.07 allows remote malicious users to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action.
Pagetool Pagetool 1.07
1 EDB exploit
NA
CVE-2007-3535
Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) FORUM_LANGUAGE parameter to functions.php or the (2) style parameter to bottom.php.
Frank Karau Gl-sh Deaf Forum
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started