Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bd0rk vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-1999-0953
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
Matt Wright Wwwboard 2.0 Alpha 2.1
1 EDB exploit
755
VMScore
CVE-2010-4878
PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the script_pfad parameter.
Hinnendahl Kontakt Formular 1.1
1 EDB exploit
685
VMScore
CVE-2007-1106
PHP remote file inclusion vulnerability in includes/functions_nomoketos_rules.php in the NoMoKeTos Rules 0.0.1 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Nomoketos Rules Nomoketos Rules 0.0.1
1 EDB exploit
755
VMScore
CVE-2006-6545
PHP remote file inclusion vulnerability in includes/common.php in the ErrorDocs 1.0.0 and previous versions module for mxBB (mx_errordocs) allows remote malicious users to execute arbitrary PHP code via a URL in the module_root_path parameter.
Php Errordocs 1.0.0
1 EDB exploit
435
VMScore
CVE-2011-4572
Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions prior to 1.4.2 allows remote malicious users to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a ...
Codefuture Cf Image Hosting Script 1.4.1
Codefuture Cf Image Hosting Script 1.3.82
1 EDB exploit
935
VMScore
CVE-2007-3935
PHP remote file inclusion vulnerability in link_main.php in the SupaNav 1.0.0 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Phpbb Supanav 1.0.0
1 EDB exploit
785
VMScore
CVE-2006-6866
STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt.
Stphp Easynews 4.0
1 EDB exploit
755
VMScore
CVE-2006-6890
Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download passwords via a direct request for data/users.dat.
Voc-project Voodoo Chat 1.0 Rc1b
1 EDB exploit
755
VMScore
CVE-2007-0170
PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote malicious users to execute arbitrary PHP code via a URL in the AMV_serverpath parameter.
Allmyphp Allmyvisitors 0.4.0
1 EDB exploit
685
VMScore
CVE-2007-5178
contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote malicious users to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in th...
Mxbb Mx Glance 2.3.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »