Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2338
Directory traversal vulnerability in includes/startmodules.inc.php in FreeWebshop.org 2.2.9 R2, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_file parameter.
Freewebshop Freewebshop 2.2.9
1 EDB exploit
NA
CVE-2009-2398
Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote malicious users to read arbitrary files via a ..// (dot dot slash slash) in the t parameter.
Php-sugar Php-sugar 0.80
1 EDB exploit
NA
CVE-2008-6920
Unrestricted file upload vulnerability in auth.php in phpEmployment 1.8 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension during a regnew action, then accessing it via a direct request to the file in photoes/.
W2b Phpemployment 1.8
1 EDB exploit
NA
CVE-2009-0448
Directory traversal vulnerability in admin/modules/aa/preview.php in Syntax Desktop 2.7 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the synTarget parameter.
Syntax Desktop Syntax Desktop 2.7
1 EDB exploit
NA
CVE-2009-0594
Cross-site scripting (XSS) vulnerability in index.php in phpSkelSite 1.4 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Apmuthu Phpskelsite 1.4
1 EDB exploit
NA
CVE-2009-1451
Cross-site scripting (XSS) vulnerability in startpage.php in SMA-DB 0.3.12 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Bluevirus-design Sma-db 0.3.12
1 EDB exploit
NA
CVE-2009-1551
Multiple PHP remote file inclusion vulnerabilities in Qt quickteam 2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) qte_web_path parameter to qte_web.php and the (2) qte_root parameter to bin/qte_init.php.
Qt-cute Quickteam 2.0
1 EDB exploit
NA
CVE-2009-0456
PHP remote file inclusion vulnerability in examples/example_clientside_javascript.php in patForms, as used in Sourdough 0.3.5, allows remote malicious users to execute arbitrary PHP code via a URL in the neededFiles[patForms] parameter.
Sourdough Sourdough 0.3.5
1 EDB exploit
NA
CVE-2009-0457
Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the m...
Magtrb Aja Portal 1.2
1 EDB exploit
NA
CVE-2009-0513
Multiple PHP remote file inclusion vulnerabilities in WebFrame 0.76 allow remote malicious users to execute arbitrary PHP code via a URL in the classFiles parameter to (1) admin/doc/index.php, (2) index.php, and (3) base/menu.php in mod/.
Webframe Webframe 0.76
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »