Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liz0zim vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6414
admin/administrator.php in Adult Script 1.6 and previous versions sends a redirect to the web browser but does not exit, which allows remote malicious users to bypass authentication and obtain administrative credentials via a direct request. NOTE: this can be leveraged for arbitr...
Adultscript Adultscript 1.6
1 EDB exploit
NA
CVE-2007-6082
Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote malicious users to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.
Sciurus Sciurus Hosting Panel 2.0.3
1 EDB exploit
NA
CVE-2007-1906
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
Ecardmax.com Hot Editor 4.0
Mybb Mybb Hot Editor Plugin
1 EDB exploit
NA
CVE-2006-5765
SQL injection vulnerability in rss.php in Article Script 1.6.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the category parameter.
Article Script Article Script
1 EDB exploit
NA
CVE-2006-3158
index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote malicious users to bypass security checks and upload or execute arbitrary php code via the add action.
Eduha Meeting Eduha Meeting
1 EDB exploit
NA
CVE-2006-1701
Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote malicious users to inject arbitrary web script or HTML via the page parameter to load.php.
Shadowed Portal Shadowed Portal
1 EDB exploit
NA
CVE-2006-1697
Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote malicious users to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields when posting a message.
Matt Wright Matt Wright Guestbook
1 EDB exploit
NA
CVE-2006-1070
Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote malicious users to inject arbitrary web script or HTML via the f parameter.
Dvguestbook Dvguestbook 1.0
1 EDB exploit
NA
CVE-2006-1071
Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Dvguestbook Dvguestbook 1.2.2
1 EDB exploit
NA
CVE-2006-1008
Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) dir and (2) page_id parameter to (a) index.php and (3) userid parameter to (b) mailto.php. NOTE: it is possible that issues 1 a...
Nathan Landry N8cms Sitesuite Cms 1.2
Nathan Landry N8cms Sitesuite Cms 1.1
Nathan Landry N8cms Sitesuite Cms 1.12
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »