Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

s.w.a.t. vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-3749
SQL injection vulnerability in tr.php in YourFreeWorld Banner Management Script allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Yourfreeworld Banner Management Script
NA
CVE-2008-6900
Unrestricted file upload vulnerability in "Add Pen/Author Name" feature in addpen.php in AvailScript Article Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th...
Availscript Availscript Article Script
NA
CVE-2007-5388
Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) app parameter to apps/apps.php and the (2) wsk parameter to wsk/wsk.php.
Webdesktop Webdesktop 0.1
NA
CVE-2007-6133
PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the kfm_base_path parameter.
Devmass Devmass Cart 1.0
NA
CVE-2008-4709
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Pilot Group Etraining
NA
CVE-2007-4978
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
Phpsyncml Phpsyncml
NA
CVE-2007-5573
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootdir parameter.
Limesurvey Limesurvey
NA
CVE-2007-5800
Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and previous versions plugin for WordPress allow remote malicious users to execute arbitrary PHP code via a URL in the bkpwp_plugin_path parameter to (1) plugins/BackUp/Archive.php; and (2) Predicate...
Tom Willmot Backupwordpress Plugin
NA
CVE-2007-6137
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote malicious users to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
P3mbo Content Injector 1.52
NA
CVE-2007-0573
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the racineTBS parameter.
Nsgalphp Nsgalphp 0.41
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook