Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote malicious users to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Php-sugar Php-sugar 0.80
1 EDB exploit
NA
CVE-2009-1771
index.php in Flyspeck CMS 6.8 does not require administrative authentication for the updateExistingContent action, which allows remote malicious users to create or modify admin accounts via the (1) users[fullname], (2) users[email], (3) users[role_id], (4) users[username], and (5...
Flyspeck Flyspeck Cms 6.8
1 EDB exploit
NA
CVE-2009-2112
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
Frank-karau Phpfk 7.03
1 EDB exploit
NA
CVE-2009-2338
Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter.
Freewebshop Freewebshop 2.2.9
1 EDB exploit
NA
CVE-2009-2378
PHP remote file inclusion vulnerability in formmailer.admin.inc.php in Jax FormMailer 3.0.0 allows remote malicious users to execute arbitrary PHP code via a URL in the BASE_DIR[jax_formmailer] parameter.
Jtr Jax Formmailer 3.0.0
1 EDB exploit
NA
CVE-2008-5062
Directory traversal vulnerability in php/cal_pdf.php in Mini Web Calendar (mwcal) 1.2 allows remote malicious users to read arbitrary files via directory traversal sequences in the thefile parameter.
Smolinari Mini Web Calendar 1.2
1 EDB exploit
NA
CVE-2008-5597
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for db/cforum.mdb.
Cold Bbs Cold Bbs Nil
1 EDB exploit
NA
CVE-2008-2689
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
Browsercrm Browsercrm 5.002.00
1 EDB exploit
NA
CVE-2008-2690
Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter to (1) kb.php, (2) login.php, (3) index.php, (4) contact_view.php, and ...
Browsercrm Browsercrm 5.002.00
1 EDB exploit
NA
CVE-2008-3163
Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained ...
Regretless Dodos Mail 2.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »