Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-6955
mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain configuration details and passwords via a direct request for archive/config.ini.
Infireal Mxcamarchive 2.2
1 EDB exploit
NA
CVE-2008-6956
Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details ...
Infireal Mxcamarchive 2.2
1 EDB exploit
NA
CVE-2008-6920
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
W2b Phpemployment 1.8
1 EDB exploit
NA
CVE-2008-6921
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.
W2b Phpadboard 1.8
1 EDB exploit
NA
CVE-2008-6869
Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for config/oramon.ini.
Oramon Oramon 2.0.1
1 EDB exploit
NA
CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote malicious users to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Php-sugar Php-sugar 0.80
1 EDB exploit
NA
CVE-2009-2378
PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.
Jtr Jax Formmailer 3.0.0
1 EDB exploit
NA
CVE-2009-2338
Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter.
Freewebshop Freewebshop 2.2.9
1 EDB exploit
NA
CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
W2b Phpgreetcards 3.7
1 EDB exploit
NA
CVE-2008-6848
Cross-site scripting (XSS) vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to inject arbitrary web script or HTML via the category parameter in a select action.
W2b Phpgreetcards 3.7
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »