Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
darkfig vulnerabilities and exploits
(subscribe to this query)
800
VMScore
CVE-2006-4477
Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote malicious users to execute arbitrary PHP code via an empty GLOBALS[rootdp] parameter and an ftps URL in the (1) GLOBALS[admin_home] parameter in (a) diary/event_list.php, (b) galler...
Visualshapers Ezcontents 2.0.3
10 EDB exploits
760
VMScore
CVE-2007-1493
nukesentinel.php in NukeSentinel 2.5.06 and previous versions uses a permissive regular expression to validate an IP address, which allows remote malicious users to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172.
Nukescripts Nukesentinel
2 EDB exploits
435
VMScore
CVE-2006-6254
administration/telecharger.php in Cahier de texte 2.0 allows remote malicious users to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte....
Cahier De Textes Cahier De Textes 2.0
Cahier De Textes Cahier De Textes
1 EDB exploit
755
VMScore
CVE-2006-6280
SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572.
O2php.com Oxygen
1 EDB exploit
755
VMScore
CVE-2006-2867
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and previous versions allows remote malicious users to execute arbitrary SQL commands via the post parameter.
Coolforum Coolforum
1 EDB exploit
505
VMScore
CVE-2006-2946
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote malicious users to obtain database username and password information.
Dmx Forum Dmx Forum
1 EDB exploit
755
VMScore
CVE-2007-0093
SQL injection vulnerability in page.php in Simple Web Content Management System allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Cms-center Simple Web Cms
1 EDB exploit
655
VMScore
CVE-2007-0122
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and previous versions allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start pa...
Coppermine Coppermine Photo Gallery 1.1 Beta 2
Coppermine Coppermine Photo Gallery 1.0
Coppermine Coppermine Photo Gallery 1.2.2 B-nuke
Coppermine Coppermine Photo Gallery 1.3
Coppermine Coppermine Photo Gallery 1.2.1
Coppermine Coppermine Photo Gallery 1.2.2 B
Coppermine Coppermine Photo Gallery 1.4.9
Coppermine Coppermine Photo Gallery
Coppermine Coppermine Photo Gallery 1.2
Coppermine Coppermine Photo Gallery 1.3.4
Coppermine Coppermine Photo Gallery 1.4.4
Coppermine Coppermine Photo Gallery 1.0 Rc3
Coppermine Coppermine Photo Gallery 1.1
Coppermine Coppermine Photo Gallery 1.3.2
Coppermine Coppermine Photo Gallery 1.3.3
1 EDB exploit
755
VMScore
CVE-2007-0202
SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the lang parameter.
Alexphpteam Alex Guestbook 3.13
Alexphpteam Alex Guestbook 4.0.1
Alexphpteam Alex Guestbook 3.12
Alexphpteam Alex Guestbook 4.0.2
1 EDB exploit
755
VMScore
CVE-2007-0205
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and previous versions allows remote malicious users to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for...
Alexphpteam Alex Guestbook 3.13
Alexphpteam Alex Guestbook 4.0.1
Alexphpteam Alex Guestbook 3.12
Alexphpteam Alex Guestbook 4.0.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »