Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
510
VMScore
CVE-2004-0293
Directory traversal vulnerability in ShopCartCGI 2.3 allows remote malicious users to retrieve arbitrary files via a .. (dot dot) in a HTTP request to (1) gotopage.cgi or (2) genindexpage.cgi.
Shopcartcgi Shopcartcgi 2.3
2 EDB exploits
510
VMScore
CVE-2007-1149
Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI.
Lovecms Lovecms 1.4
2 EDB exploits
505
VMScore
CVE-2018-12054
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
Schools Alert Management Script Project Schools Alert Management Script -
1 EDB exploit
655
VMScore
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Claydip Airbnb Clone 1.0
1 EDB exploit
735
VMScore
CVE-2003-1051
Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd.
Ibm Db2 9.0
3 EDB exploits
515
VMScore
CVE-2011-1425
xslt.c in XML Security Library (aka xmlsec) prior to 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote malicious users to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signa...
Aleksey Xml Security Library
Aleksey Xml Security Library 1.2.7
Aleksey Xml Security Library 1.2.6
Aleksey Xml Security Library 1.1.2
Aleksey Xml Security Library 1.1.1
Aleksey Xml Security Library 1.0.0
Aleksey Xml Security Library 0.1.1
Aleksey Xml Security Library 0.0.9
Aleksey Xml Security Library 0.0.8
Aleksey Xml Security Library 0.0.2
Aleksey Xml Security Library 0.0.1
Aleksey Xml Security Library 1.2.13
Aleksey Xml Security Library 1.2.11
Aleksey Xml Security Library 1.2.10
Aleksey Xml Security Library 1.2.3
Aleksey Xml Security Library 1.2.2
Aleksey Xml Security Library 1.0.3
Aleksey Xml Security Library 1.0.2
Aleksey Xml Security Library 0.0.13
Aleksey Xml Security Library 0.0.12
Aleksey Xml Security Library 0.0.5
Aleksey Xml Security Library 0.0.4
1 EDB exploit
665
VMScore
CVE-2008-6943
Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a recipe photo, then accessing it via a direct request to the file in pictures/.
Scriptsfeed Recipes Listing Portal
3 EDB exploits
665
VMScore
CVE-2008-6944
Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in cars_images/.
Scriptsfeed Auto Classifieds -
3 EDB exploits
665
VMScore
CVE-2008-6942
Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifieds System (aka Real Estate Classifieds) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to...
Scriptsfeed Realtor Classifieds System -
3 EDB exploits
690
VMScore
CVE-2012-1153
Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the ...
Apprain Apprain 0.1.3
Apprain Apprain 0.1.2
Apprain Apprain 0.1.1
Apprain Apprain 0.1.0
Apprain Apprain
Apprain Apprain 0.1.4
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »