Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2008-6849
Unrestricted file upload vulnerability in index.php in phpGreetCards 3.7 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a via a link that is listed by userfiles/number_shell.php.
W2b Phpgreetcards 3.7
1 EDB exploit
7.5
CVSSv2
CVE-2008-6921
Unrestricted file upload vulnerability in index.php in phpAdBoard 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in photoes/.
W2b Phpadboard 1.8
1 EDB exploit
7.5
CVSSv2
CVE-2008-6955
mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain configuration details and passwords via a direct request for archive/config.ini.
Infireal Mxcamarchive 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-0807
zFeeder 1.6 allows remote malicious users to gain administrative access via a direct request to admin.php.
Zfeeder Zfeeder 1.6
1 EDB exploit
7.5
CVSSv2
CVE-2009-1246
Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php; (2) row_mysql_blocks_center_top[fil...
Blogplus Blogplus 1.0
1 EDB exploit
6.8
CVSSv2
CVE-2008-3163
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained ...
Regretless Dodos Mail 2.5
1 EDB exploit
4.3
CVSSv2
CVE-2009-1451
Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Bluevirus-design Sma-db 0.3.12
1 EDB exploit
7.5
CVSSv2
CVE-2009-1551
Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) qte_web_path parameter to qte_web.php and the (2) qte_root parameter to bin/qte_init.php.
Qt-cute Quickteam 2.0
1 EDB exploit
6.4
CVSSv2
CVE-2009-1637
profile.php in Simple Customer 1.3 does not require administrative authentication, which allows remote malicious users to change the admin e-mail address and password via the email and password parameters.
Simplecustomer Simple Customer 1.3
1 EDB exploit
7.8
CVSSv2
CVE-2009-1653
Directory traversal vulnerability in examples/tbs_us_examples_0view.php in TinyButStrong 3.4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the script parameter.
Tinybutstrong Tinybutstrong 3.4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »