Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cold zero vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1571
Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported th...
Webwizguide Web Wiz Guestbook 6.0
Webwizguide Web Wiz Guestbook 8.21
1 EDB exploit
NA
CVE-2007-4952
SQL injection vulnerability in article.php in OmniStar Article Manager allows remote malicious users to execute arbitrary SQL commands via the page_id parameter in a favorite op action, a different vector than CVE-2006-5917.
Omnistar Interactive Omnistar Article Manager
1 EDB exploit
NA
CVE-2007-4953
SQL injection vulnerability in index.php in SimpCMS allows remote malicious users to execute arbitrary SQL commands via the keyword parameter in a search site action.
Simpcms Simpcms
1 EDB exploit
NA
CVE-2007-3583
SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the idnew parameter.
Girlserv Girlserv Ads
1 EDB exploit
NA
CVE-2006-0308
PHP remote file inclusion vulnerability in htmltonuke.php in the htmltonuke 2.0 alpha, and possibly other versions, module for PHP-Nuke allows remote malicious users to execute arbitrary PHP code via a URL in the filnavn parameter.
Htmltonuke Htmltonuke 2.0 Alpha
1 EDB exploit
NA
CVE-2007-3932
uploadimg.php in the Expose RC35 and previous versions (com_expose) component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote malicious users to upload and execute arbitrary PHP code in the img/ folder...
Joomla Expose
1 EDB exploit
NA
CVE-2007-2144
PHP remote file inclusion vulnerability in includes/CAltInstaller.php in the JoomlaPack (com_jpack) 1.0.4a2 RE component for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Joomlapack Joomlapack 1.0.4a2 Re
1 EDB exploit
NA
CVE-2007-2319
PHP remote file inclusion vulnerability in the AutoStand 1.1 and previous versions module for Joomla! allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to mod_as_category.php in (1) modules/mod_as_category/ or (2) modul...
Autostand Category Autostand Category
1 EDB exploit
NA
CVE-2008-7088
Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a cer...
Photopost Photopost Vbgallery 2.4.2
1 EDB exploit
NA
CVE-2008-5780
Forest Blog 1.3.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing passwords via a direct request for blog.mdb.
Hostforest Forest Blog 1.3.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »