Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cr4wl3r vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-4435
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
Compmaster.prv.pl F3site 2009
2 EDB exploits
7.5
CVSSv2
CVE-2009-4779
Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter to (1) blocks.php, (2) messages.php, and (3) stories.php in admin/modules/.
Robert Garrigos Nukehall
Robert Garrigos Nukehall 0.2.1
Robert Garrigos Nukehall 0.3
Robert Garrigos Nukehall 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2010-1266
Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) template, (2) menu, (3) events, and (4) SITEROOT parameters to template/babyweb/index.php; the (5) mo...
Kjetiltroan Webmaid Cms
1 EDB exploit
7.5
CVSSv2
CVE-2010-1272
PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
Komputer.boo Gnat-tgp
1 EDB exploit
6.8
CVSSv2
CVE-2010-1346
SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information.
Ribafs Mini Cms Ribafs 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2010-1537
Multiple directory traversal vulnerabilities in phpCDB 1.0 and previous versions allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_global parameter to (1) firstvisit.php, (2) newfolder.php, (3) showfolders.php, (4) newlang.ph...
Francois Bissonnette Phpcdb
1 EDB exploit
7.5
CVSSv2
CVE-2010-1538
SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Bluestrikeweb Phpraincheck
1 EDB exploit
6.8
CVSSv2
CVE-2010-1936
Directory traversal vulnerability in scr/soustab.php in openMairie openComInterne 1.01, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to...
Openmairie Opencominterne 1.01
1 EDB exploit
6.8
CVSSv2
CVE-2010-1945
Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the path_om parameter to (1) action.class.php, (2) architecte.class.php, (3) avis.class.php...
Openmairie Openfoncier 2.00
1 EDB exploit
6.8
CVSSv2
CVE-2010-1947
Directory traversal vulnerability in scr/soustab.php in openMairie Openregistrecil 1.02, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter. NOTE: this may be...
Openmairie Openregistrecil 1.02
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »