Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
condemned vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-5308
The Simple Forum 3.1d module for LoveCMS 1.6.2 Final does not properly restrict access to administrator functions, which allows remote malicious users to change the administrator password via a direct request to modules/simpleforum/admin/index.php.
Lovecms The Simple Forum 3.1d
1 EDB exploit
6.8
CVSSv2
CVE-2008-2887
Directory traversal vulnerability in index.php in chaozz@work FubarForum 1.5 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
Chaozzatwork Fubarforum 1.5
1 EDB exploit
6.8
CVSSv2
CVE-2008-3190
Directory traversal vulnerability in list.php in 1Scripts CodeDB 1.1.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
1scripts Codedb 1.1.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-2337
Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.p...
Imgallery Imgallery 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-5593
Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
Bpowerhouse Mini Cms 1.0.1
1 EDB exploit
5
CVSSv2
CVE-2008-5794
Directory traversal vulnerability in system/admin/images.php in LoveCMS 1.6.2 Final allows remote malicious users to delete arbitrary files via a .. (dot dot) in the delete parameter.
Lovecms Lovecms 1.6.2
1 EDB exploit
6.8
CVSSv2
CVE-2009-4426
Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php.
Launchpad Ignition 1.2
1 EDB exploit
5.1
CVSSv2
CVE-2008-5217
Directory traversal vulnerability in index.php in txtCMS 0.3, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the id parameter.
Phpc0d3r Txtcms 0.3
1 EDB exploit
5
CVSSv2
CVE-2008-5218
ScriptsEz FREEze Greetings 1.0 stores pwd.txt under the web root with insufficient access control, which allows remote malicious users to obtain cleartext passwords.
Scriptsez Freeze Greetings 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-5594
Multiple directory traversal vulnerabilities in index.php in Mini Blog 1.0.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.
Bpowerhouse Mini Blog 1.0.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »