Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dun vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-2310
SQL injection vulnerability in include/get_read.php in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the section parameter.
Bow Der Kleine X-blc
Bow Der Kleine X-blc 0.1.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-1751
Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote malicious users to read arbitrary local files via a .. (dot dot) in the (1) language and (2) lang parameters.
Ksemail Ksemail
1 EDB exploit
7.5
CVSSv2
CVE-2008-6669
viewrq.php in nweb2fax 0.2.7 and previous versions allows remote malicious users to execute arbitrary code via shell metacharacters in the var_filename parameter in a (1) tif or (2) pdf format action.
Dirk Bartley Nweb2fax 0.2.6
Dirk Bartley Nweb2fax 0.2.5
Dirk Bartley Nweb2fax 0.2.4
Dirk Bartley Nweb2fax 0.2.1
Dirk Bartley Nweb2fax
Dirk Bartley Nweb2fax 0.1
Dirk Bartley Nweb2fax 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-2313
Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the name parameter.
Jinzora Jinzora 2.5.1
Jinzora Jinzora 0.1.1
Jinzora Jinzora 0.3.1
Jinzora Jinzora 2.0.1
Jinzora Jinzora 2.6
Jinzora Jinzora 0.9.2
Jinzora Jinzora 2.7.5
Jinzora Jinzora 2.0
Jinzora Jinzora 2.3.4
Jinzora Jinzora 2.3.3
Jinzora Jinzora 0.3
Jinzora Jinzora 0.2
Jinzora Jinzora 0.6.2
Jinzora Jinzora 0.5
Jinzora Jinzora 0.9.1
Jinzora Jinzora 0.9.4
Jinzora Jinzora 2.3.2
Jinzora Jinzora 2.3.1
Jinzora Jinzora 0.8.1
Jinzora Jinzora 0.7
Jinzora Jinzora 0.9.3
Jinzora Jinzora 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-6402
PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mod_dir parameter.
Muskatli Sofi Webgui 0.4.2
Muskatli Sofi Webgui
Muskatli Sofi Webgui 0.6.0pre
Muskatli Sofi Webgui 0.5.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-6403
PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the tpl_dir parameter.
Openrat Openrat
Openrat Openrat 0.8-beta1
1 EDB exploit
9
CVSSv2
CVE-2008-5071
Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and previous versions allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.
Yoxel Yoxel 1.21
Yoxel Yoxel 1.20
Yoxel Yoxel 1.18beta
Yoxel Yoxel 1.17beta
Yoxel Yoxel 1.09beta
Yoxel Yoxel 1.08beta
Yoxel Yoxel 1.07beta
Yoxel Yoxel 1.22
Yoxel Yoxel 1.21beta
Yoxel Yoxel 1.19beta
Yoxel Yoxel 1.11beta
Yoxel Yoxel 1.10beta
Yoxel Yoxel 1.20beta
Yoxel Yoxel 1.13beta
Yoxel Yoxel 1.16beta
Yoxel Yoxel 1.15beta
Yoxel Yoxel 1.06beta
Yoxel Yoxel
Yoxel Yoxel 1.22beta
Yoxel Yoxel 1.14beta
Yoxel Yoxel 1.12beta
1 EDB exploit
5
CVSSv2
CVE-2007-4369
Directory traversal vulnerability in go/_files in SOTEeSKLEP prior to 4.0 allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Sote Soteesklep 3.1
Sote Soteesklep 3.5
Sote Soteesklep 2.0
Sote Soteesklep 2.5
Sote Soteesklep 3.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-2394
Multiple SQL injection vulnerabilities in TAGWORX.CMS 3.00.02 allow remote malicious users to execute arbitrary SQL commands via the (1) cid parameter to contact.php and the (2) nid parameter to news.php.
Tagworx Tagworx Cms 3.00.02
1 EDB exploit
10
CVSSv2
CVE-2008-4318
Observer 0.3.2.1 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in the query parameter to (1) whois.php or (2) netcmd.php.
Project-observer Observer 0.2.3
Project-observer Observer 0.2.2
Project-observer Observer 0.3.1
Project-observer Observer 0.30-pre-1
Project-observer Observer 0.1.2
Project-observer Observer 0.1.1
Project-observer Observer 0.1.0
Project-observer Observer 0.2.5
Project-observer Observer 0.2.4
Project-observer Observer
Project-observer Observer 0.3.2
Project-observer Observer 0.2.1
Project-observer Observer 0.2.0
1 EDB exploit
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »