Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
NA
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
NA
CVE-2006-6254
administration/telecharger.php in Cahier de texte 2.0 allows remote malicious users to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte....
Cahier De Textes Cahier De Textes 2.0
Cahier De Textes Cahier De Textes
1 EDB exploit
NA
CVE-2006-6280
SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572.
O2php.com Oxygen
1 EDB exploit
NA
CVE-2006-2867
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the post parameter.
Coolforum Coolforum
1 EDB exploit
NA
CVE-2006-2946
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote malicious users to obtain database username and password information.
Dmx Forum Dmx Forum
1 EDB exploit
NA
CVE-2007-0093
SQL injection vulnerability in page.php in Simple Web Content Management System allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cms-center Simple Web Cms
1 EDB exploit
NA
CVE-2007-0122
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and previous versions allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start pa...
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.0
Coppermine Coppermine Photo Gallery 1.2.2 B-nuke
Coppermine Coppermine Photo Gallery 1.3
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.4.9
Coppermine Coppermine Photo Gallery
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.3.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1
Coppermine Coppermine Photo Gallery 1.3.2
Coppermine Coppermine Photo Gallery 1.3.3
1 EDB exploit
NA
CVE-2007-0202
SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the lang parameter.
Alexphpteam Alex Guestbook 3.13
Alexphpteam Alex Guestbook 4.0.1
Alexphpteam Alex Guestbook 3.12
Alexphpteam Alex Guestbook 4.0.2
1 EDB exploit
NA
CVE-2007-0205
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and previous versions allows remote malicious users to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for...
Alexphpteam Alex Guestbook 3.13
Alexphpteam Alex Guestbook 4.0.1
Alexphpteam Alex Guestbook 3.12
Alexphpteam Alex Guestbook 4.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »