Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ciph3r vulnerabilities and exploits
(subscribe to this query)
760
VMScore
CVE-2008-3313
Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _admin...
Creacms Creacms 1.0
2 EDB exploits
760
VMScore
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config...
Runcms Newbb Plus Module 0.93
Runcms Runcms 1.6.1
2 EDB exploits
940
VMScore
CVE-2008-3957
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to ...
Microsoft Windows Image Acquisition Logger
2 EDB exploits
935
VMScore
CVE-2011-1255
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote malicious users to execute arbitrary code by accessing an object that (1) was not properly initial...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
1 EDB exploit
1 Article
755
VMScore
CVE-2008-5945
Nukeviet 2.0 Beta allows remote malicious users to bypass authentication and gain administrative access by setting the admf cookie to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Nukevietcms Nukeviet 2.0
1 EDB exploit
755
VMScore
CVE-2008-4081
admin/login.php in Stash 1.0.3 allows remote malicious users to bypass authentication and gain administrative access by setting a bsm cookie.
Stash Stash 1.0.3
1 EDB exploit
755
VMScore
CVE-2008-2854
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
Orlando Cms Orlando Cms 0.6
1 EDB exploit
935
VMScore
CVE-2008-5167
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter.
Boonex Orca 2.0
Boonex Orca 2.0.2
1 EDB exploit
755
VMScore
CVE-2008-3022
Multiple PHP remote file inclusion vulnerabilities in sablonlar/gunaysoft/gunaysoft.php in PHPortal 1.2 Beta allow remote malicious users to execute arbitrary PHP code via a URL in (1) icerikyolu, (2) sayfaid, and (3) uzanti parameters.
Phpbbportal Phportal 1.2
1 EDB exploit
435
VMScore
CVE-2008-3295
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in XOOPS 2.0.18.1 allows remote malicious users to inject arbitrary web script or HTML via the fct parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Xoops Xoops 2.0.18.1
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »