Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arena vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5079
PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
Php Arena Pabugs
1 EDB exploit
NA
CVE-2005-0724
paFileDB 3.1 and previous versions allows remote malicious users to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php,...
Php Arena Pafiledb
7.8
CVSSv3
CVE-2023-27854
An arbitrary code execution vulnerability was reported to Rockwell Automation in Arena Simulation that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow. The threat-actor could then execute malicious ...
Rockwellautomation Arena Simulation
7.8
CVSSv3
CVE-2023-27858
Rockwell Automation Arena Simulation contains an arbitrary code execution vulnerability that could potentially allow a malicious user to commit unauthorized code to the software by using an uninitialized pointer in the application. The threat-actor could then execute malicious c...
Rockwellautomation Arena Simulation
NA
CVE-2006-2361
PHP remote file inclusion vulnerability in pafiledb_constants.php in Download Manager (mxBB pafiledb) integration, as used with phpBB, allows remote malicious users to execute arbitrary PHP code via a URL in the module_root_path parameter.
Php Arena Pafiledb 1.1.3
Php Arena Pafiledb 2.0.1
Mxbb Mxbb Portal 2.7
Mxbb Mxbb Portal 2.8
1 EDB exploit
NA
CVE-2005-2723
SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote malicious users to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie.
Php Arena Pafiledb 3.1
NA
CVE-2005-0646
SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote malicious users to execute arbitrary SQL via the mysql_prefix parameter.
Php Arena Panews 2.0.4b
NA
CVE-2005-0674
Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote malicious users to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request.
Php Arena Pabox 1.6
NA
CVE-2005-0723
Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demon...
Php Arena Pafiledb 3.1
7.8
CVSSv3
CVE-2019-13510
Rockwell Automation Arena Simulation Software versions 16.00.00 and previous versions contain a USE AFTER FREE CWE-416. A maliciously crafted Arena file opened by an unsuspecting user may result in the application crashing or the execution of arbitrary code.
Rockwellautomation Arena Simulation Software
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »