Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-0103
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, ...
Playsms Playsms 0.9.3
1 EDB exploit
6.8
CVSSv2
CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
W2b Phpgreetcards 3.7
1 EDB exploit
5
CVSSv2
CVE-2008-6869
Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for config/oramon.ini.
Oramon Oramon 2.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6921
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.
W2b Phpadboard 1.8
1 EDB exploit
7.5
CVSSv2
CVE-2009-0448
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
Syntax Desktop Syntax Desktop 2.7
1 EDB exploit
7.5
CVSSv2
CVE-2009-0514
Multiple directory traversal vulnerabilities in WebFrame 0.76 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) currentmod and (2) LANG parameters to mod/index.php.
Webframe Webframe 0.76
1 EDB exploit
4.3
CVSSv2
CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Ott Phpcksec 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-0495
PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote malicious users to execute arbitrary PHP code via a URL in the INC_DIR parameter.
It747 Realtor 747 4.11
1 EDB exploit
5.1
CVSSv2
CVE-2009-0595
PHP remote file inclusion vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the theme parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
6.8
CVSSv2
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »