Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ahmadbady vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-1447
Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.
E-cart Free Shopping Cart
1 EDB exploit
755
VMScore
CVE-2009-1450
PHP remote file inclusion vulnerability in format.php in SMA-DB 0.3.12 allows remote malicious users to execute arbitrary PHP code via a URL in the _page_content parameter.
Bluevirus-design Sma-db 0.3.12
1 EDB exploit
505
VMScore
CVE-2008-5597
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for db/cforum.mdb.
Cold Bbs Cold Bbs Nil
1 EDB exploit
1000
VMScore
CVE-2008-2689
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote malicious users to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
Browsercrm Browsercrm 5.002.00
1 EDB exploit
685
VMScore
CVE-2009-0596
Directory traversal vulnerability in skysilver/login.tpl.php in phpSkelSite 1.4, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the TplSuffix parameter.
Phpskelsite Phpskelsite 1.4
1 EDB exploit
505
VMScore
CVE-2009-0826
BlogHelper stores common_db.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Bloghelper -
1 EDB exploit
505
VMScore
CVE-2009-0827
PollHelper stores poll.inc under the web root with insufficient access control, which allows remote malicious users to download the database file containing user credentials via a direct request.
Freedville Pollhelper -
1 EDB exploit
435
VMScore
CVE-2008-6609
Cross-site scripting (XSS) vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2 allows remote malicious users to inject arbitrary web script or HTML via the path parameter.
Ott Phpcksec 0.2
1 EDB exploit
505
VMScore
CVE-2008-6869
Oramon Oracle Database Monitoring Tool 2.0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database containing credentials via a direct request for config/oramon.ini.
Oramon Oramon 2.0.1
1 EDB exploit
655
VMScore
CVE-2008-6956
Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details ...
Infireal Mxcamarchive 2.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »