Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ciph3r vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2008-3957
The Microsoft Windows Image Acquisition Logger ActiveX control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the first argument to ...
Microsoft Windows Image Acquisition Logger
2 EDB exploits
760
VMScore
CVE-2008-3313
Multiple PHP remote file inclusion vulnerabilities in CreaCMS 1.0 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) cfg[document_uri] parameter to _administration/edition_article/edition_article.php and the (2) cfg[base_uri_admin] parameter to _admin...
Creacms Creacms 1.0
2 EDB exploits
760
VMScore
CVE-2008-3354
Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config...
Runcms Newbb Plus Module 0.93
Runcms Runcms 1.6.1
2 EDB exploits
725
VMScore
CVE-2008-7002
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) pa...
Php Php 5.2.5
1 EDB exploit
755
VMScore
CVE-2008-4081
admin/login.php in Stash 1.0.3 allows remote malicious users to bypass authentication and gain administrative access by setting a bsm cookie.
Stash Stash 1.0.3
1 EDB exploit
755
VMScore
CVE-2008-3300
AlphAdmin CMS 1.0.5/03 allows remote malicious users to bypass authentication and gain administrative access by setting the aa_login cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Alphadmin Alphadmin Cms 1.0.5
1 EDB exploit
685
VMScore
CVE-2008-3312
Directory traversal vulnerability in lemon_includes/FCKeditor/editor/filemanager/browser/browser.php in Lemon CMS 1.10 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter. NOTE: the provenance of this information is u...
Lemoncms Lemon Cms 1.10
1 EDB exploit
935
VMScore
CVE-2011-1255
The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote malicious users to execute arbitrary code by accessing an object that (1) was not properly initial...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
1 EDB exploit
1 Article
785
VMScore
CVE-2008-4508
Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and previous versions, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a lon...
Tonec Inc. Internet Download Manager
1 EDB exploit
935
VMScore
CVE-2008-5167
PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter.
Boonex Orca 2.0
Boonex Orca 2.0.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »