Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beyazkurt vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2008-6493
Easy Content Management Publishing stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for Database/News.mdb.
Easy-news Easy Content Management Publishing -
1 EDB exploit
7.5
CVSSv2
CVE-2008-6783
SQL injection vulnerability in directory.php in Sites for Scripts (SFS) EZ Home Business Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Home Business Directory
1 EDB exploit
7.5
CVSSv2
CVE-2008-6808
SQL injection vulnerability in links.php in Scripts for Sites (SFS) EZ Link Directory allows remote malicious users to execute arbitrary SQL commands via the cat_id parameter in a list action.
Scripts-for-sites Ez Link Directory
1 EDB exploit
7.5
CVSSv2
CVE-2008-7240
Directory traversal vulnerability in include/unverified.inc.php in Linux Web Shop (LWS) php User Base 1.3beta allows remote malicious users to include and execute arbitrary local files via the template parameter.
Linuxwebshop Php User Base 1.3
1 EDB exploit
5
CVSSv2
CVE-2007-2560
Directory traversal vulnerability in theme/acgv.php in ACGVannu 1.3 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the rubrik parameter.
Mentiss Acgv Acgvannu
1 EDB exploit
6.8
CVSSv2
CVE-2008-3385
Directory traversal vulnerability in include/head_chat.inc.php in php Help Agent 1.0 and 1.1 Full allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the content parameter. NOTE: in some environments, this can be leveraged for remote f...
Linuxwebshop Php Help Agent 1.0
Linuxwebshop Php Help Agent 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-3236
PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter.
Xoops Horoscope Module 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-1932
Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.
Scar4u Scarnews 1.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6119
Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS 1.7 allows remote malicious users to inject arbitrary PHP code into admin/userandpass.php via the (1) username and (2) password parameters. NOTE: the provenance of this information is...
Goople Cms Goople Cms 1.7
1 EDB exploit
6.8
CVSSv2
CVE-2007-2303
Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
News Manager Deluxe News Manager Deluxe 1.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »