Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dj7xpl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2154
PHP remote file inclusion vulnerability in services/samples/inclusionService.php in Cabron Connector 1.1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the CabronServiceFolder parameter.
Cabron Connector Cabron Connector
1 EDB exploit
NA
CVE-2007-2157
Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Zomplog Zomplog 3.8
1 EDB exploit
NA
CVE-2007-2643
Directory traversal vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the src parameter.
Pinkcrow Designs Designs Gallery Magazin 2.0
1 EDB exploit
NA
CVE-2007-1933
Multiple directory traversal vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to (1) index.php, (2) gb.php, or (3) faq.php.
Dreamcodes Pcp-guestbook 3.0
1 EDB exploit
NA
CVE-2007-1998
Direct static code injection vulnerability in HIOX Guest Book (HGB) 4.0 allows remote malicious users to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php.
Hiox India Guest Book 4.0
1 EDB exploit
NA
CVE-2007-2050
Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.
Ricargbook Ricargbook 1.2.1
1 EDB exploit
NA
CVE-2005-1237
SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
China-on-site Flexphpnews
1 EDB exploit
NA
CVE-2007-2169
Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote malicious users to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php.
Mozzers Subsystem Mozzers Subsystem
1 EDB exploit
NA
CVE-2007-1480
Creative Guestbook 1.0 allows remote malicious users to add an administrative account via a direct request to createadmin.php with Name, Email, and PASSWORD parameters set.
Creative Guestbook Creative Guestbook 1.0
1 EDB exploit
NA
CVE-2007-1487
Directory traversal vulnerability in index.php in Sascha Schroeder (aka CyberTeddy or Cyber-inside) WebLog allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter in a showarticles action.
Cyber Inside Weblog
Cyberteddy Weblog
Sascha Schroeder Weblog
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »