Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cold zero vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2008-5780
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing passwords via a direct request for blog.mdb.
Hostforest Forest Blog 1.3.2
1 EDB exploit
755
VMScore
CVE-2006-6154
PHP remote file inclusion vulnerability in addcode.php in HIOX Star Rating System Script (HSRS) 1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the hm parameter.
Hscripts Hiox Star Rating System Script
1 EDB exploit
785
VMScore
CVE-2008-6334
Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter.
Emetrix Extract Website -
1 EDB exploit
935
VMScore
CVE-2007-1596
Multiple PHP remote file inclusion vulnerabilities in the NFN Address Book (com_nfn_addressbook) 0.4 component for Mambo and Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) components/com_nfn_addressbook...
Mambo Nfn Address Book 0.4
Joomla Nfn Address Book 0.4
1 EDB exploit
935
VMScore
CVE-2007-1600
PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote malicious users to execute arbitrary PHP code via a URL in the menu parameter.
Digital Eye Gallery Digital Eye Gallery 1.1 Beta
Digital Eye Gallery Digital Eye Gallery 0.1.1b
1 EDB exploit
935
VMScore
CVE-2007-1626
PHP remote file inclusion vulnerability in iframe.php in the iFrame Module for PHP-NUKE allows remote malicious users to execute arbitrary PHP code via a URL in the file parameter.
Php-nuke Iframe Module
1 EDB exploit
685
VMScore
CVE-2006-5043
Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) prior to 1.1.2 for Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant o...
Joomlaboard Joomlaboard
1 EDB exploit
755
VMScore
CVE-2006-0308
PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and possibly other versions, module for PHP-Nuke allows remote malicious users to execute arbitrary PHP code via a URL in the filnavn parameter.
Htmltonuke Htmltonuke 2.0 Alpha
1 EDB exploit
505
VMScore
CVE-2003-1571
Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported th...
Webwizguide Web Wiz Guestbook 6.0
Webwizguide Web Wiz Guestbook 8.21
1 EDB exploit
1000
VMScore
CVE-2008-0251
Unrestricted file upload vulnerability in PhotoPost vBGallery prior to 2.4.2 allows remote malicious users to upload and execute arbitrary files via unknown vectors.
Photopost Photopost Vbgallery
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »