Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero-x vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1559
Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote malicious users to read arbitrary files via (1) C: (drive letter) or (2) .. (dot-dot) sequences in the page parameter.
Research Systems Inc. Ion Script 1.4
1 EDB exploit
NA
CVE-2003-1131
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote malicious users to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Activecampaign Knowledgebuilder 3.0.1
Activecampaign Knowledgebuilder 2.0.1
Activecampaign Knowledgebuilder 2.1.0
Activecampaign Knowledgebuilder 2.1.4
1 EDB exploit
NA
CVE-2007-6176
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
Amensa-soft K\\+b-bestellsystem 2.3.3
1 EDB exploit
NA
CVE-2008-6555
cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote malicious users to execute arbitrary commands via shell metacharacters in the dig command.
Puppetmaster Webutil 2.3
Puppetmaster Webutil 2.7
1 EDB exploit
NA
CVE-2004-2309
Directory traversal vulnerability in Crob FTP Server 3.5.1 allows local users to browse outside the FTP root via multiple ../ (dot dot slash) in the DIR command.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
NA
CVE-2002-2190
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote malicious users to obtain the passwords via an HTTP request to a .user file.
Artscore Studios Cutecast Forum 1.2
1 EDB exploit
NA
CVE-2003-1166
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote malicious users to view arbitrary files via a .. (dot dot) in the file parameter.
Http Commander Http Commander 4.0
1 EDB exploit
NA
CVE-2003-1207
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
NA
CVE-2004-0070
PHP remote file inclusion vulnerability in module.php for ezContents allows remote malicious users to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
Visualshapers Ezcontents
1 EDB exploit
NA
CVE-2004-0237
Directory traversal vulnerability in index.php in Aprox PHP Portal allows remote malicious users to read arbitrary files via a full pathname in the show parameter.
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »