Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-2112
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
Frank-karau Phpfk 7.03
1 EDB exploit
7.5
CVSSv2
CVE-2009-2378
PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.
Jtr Jax Formmailer 3.0.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-3163
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained ...
Regretless Dodos Mail 2.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-5570
Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Php Multiple Newsletters Php Multiple Newsletters 2.7
1 EDB exploit
4.3
CVSSv2
CVE-2008-5770
Cross-site scripting (XSS) vulnerability in config/make_config.php in PHP Weather 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Phpweather Phpweather 2.2.2
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2008-5771
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Phpweather Phpweather 2.2.2
1 EDB exploit
6.8
CVSSv2
CVE-2008-6251
PHP remote file inclusion vulnerability in includes/init.php in phpFan 3.3.4 allows remote malicious users to execute arbitrary PHP code via a URL in the includepath parameter.
Scripts Phpfan 3.3.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-6492
Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via index.php, then accessing the uploaded file via a direct request to the file in pics/. N...
Tizag Tizag Countdown Creator 3
1 EDB exploit
6.8
CVSSv2
CVE-2009-0294
Multiple PHP remote file inclusion vulnerabilities in WB News 2.0.1, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) search.php, (2) archive.php, (3) comments.php, and (4) news.php; ...
Webmobo Wbnews 2.0.1
1 EDB exploit
6.8
CVSSv2
CVE-2009-0340
Multiple directory traversal vulnerabilities in Simple PHP Newsletter 1.5 allow remote malicious users to read arbitrary files via a .. (dot dot) in the olang parameter to (1) mail.php and (2) mailbar.php.
Quirm Simple Php Newsletter 1.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »