Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cr4wl3r vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4435
Multiple directory traversal vulnerabilities in F3Site 2009 allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[nlang] parameter to (1) mod/poll.php and (2) mod/new.php.
Compmaster.prv.pl F3site 2009
2 EDB exploits
NA
CVE-2009-4154
Directory traversal vulnerability in includes/feedcreator.class.php in Elxis CMS allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter.
Elxis Elxis Cms
1 EDB exploit
NA
CVE-2010-2135
Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) Username and (2) password fields.
Hazelpress Hazelpress 0.0.4
1 EDB exploit
NA
CVE-2010-2137
PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter.
Giaard Proman
Giaard Proman 0.1.0
1 EDB exploit
NA
CVE-2010-1216
PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the content parameter. NOTE: some of these details are obtain...
Notsopureedit Notsopureedit
1 EDB exploit
NA
CVE-2010-0611
Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password parameters.
Baalsystems Baal Systems
Baalsystems Baal Systems 3.7
Baalsystems Baal Systems 3.6
1 EDB exploit
NA
CVE-2010-0718
Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file.
Microsoft Windows Media Player 9
Microsoft Windows Media Player 11.0.5721.5145
1 EDB exploit
NA
CVE-2010-1112
Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote malicious users to inject arbitrary web script or HTML via the cat parameter.
Tristan Barczyk Klonews 2.0
1 EDB exploit
NA
CVE-2009-3492
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix...
Gotdns Loggix Project
Gotdns Loggix Project 9.3.27
Gotdns Loggix Project 9.3.28
1 EDB exploit
NA
CVE-2010-0958
Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary files via directory traversal sequences in the theme parameter. NOTE: some o...
Thomas Perez Tribisur
Thomas Perez Tribisur 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »