Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-0911
TikiWiki CMS/Groupware prior to 6.7 LTS and prior to 8.4 allows remote malicious users to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.p...
Tiki Tikiwiki Cms\\/groupware
2 EDB exploits
NA
CVE-2012-3996
TikiWiki CMS/Groupware 8.3 and previous versions allows remote malicious users to obtain the installation path via a direct request to (1) admin/include_calendar.php, (2) tiki-rss_error.php, or (3) tiki-watershed_service.php.
Tiki Tikiwiki Cms\\/groupware 7.2
Tiki Tikiwiki Cms\\/groupware 7.0
Tiki Tikiwiki Cms\\/groupware 5.0
Tiki Tikiwiki Cms\\/groupware 4.1
Tiki Tikiwiki Cms\\/groupware 3.3
Tiki Tikiwiki Cms\\/groupware 3.5
Tiki Tikiwiki Cms\\/groupware 6.1
Tiki Tikiwiki Cms\\/groupware 6.0
Tiki Tikiwiki Cms\\/groupware 5.3
Tiki Tikiwiki Cms\\/groupware 5.2
Tiki Tikiwiki Cms\\/groupware 2.2
Tiki Tikiwiki Cms\\/groupware
Tiki Tikiwiki Cms\\/groupware 8.1
Tiki Tikiwiki Cms\\/groupware 8.0
Tiki Tikiwiki Cms\\/groupware 4.0
Tiki Tikiwiki Cms\\/groupware 4
Tiki Tikiwiki Cms\\/groupware 3.1
Tiki Tikiwiki Cms\\/groupware 3.0
Tiki Tikiwiki Cms\\/groupware 7.1
Tiki Tikiwiki Cms\\/groupware 6.2
Tiki Tikiwiki Cms\\/groupware 5.1
Tiki Tikiwiki Cms\\/groupware 4.2
2 EDB exploits
NA
CVE-2012-1300
phpFox versions 3.0.1 and below remote command execution exploit that leverages ajax.php.
1 EDB exploit
NA
CVE-2012-1002
SQL injection vulnerability in author/edit.php in OpenConf 4.x prior to 4.12 allows remote malicious users to execute arbitrary SQL commands via the pid parameter.
Zakongroup Openconf 4.11
Zakongroup Openconf 4.02
Zakongroup Openconf 4.10
Zakongroup Openconf 4.00
Zakongroup Openconf 4.01
1 EDB exploit
NA
CVE-2011-5075
translate.php in Support Incident Tracker (aka SiT!) 3.45 up to and including 3.65 allows remote malicious users to obtain sensitive information via a direct request using the save action, which reveals the installation path.
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.64
Sitracker Support Incident Tracker 3.65
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.60
1 EDB exploit
NA
CVE-2011-4337
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 up to and including 3.65 allows remote malicious users to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
Sitracker Support Incident Tracker 3.6
Sitracker Support Incident Tracker 3.60
Sitracker Support Incident Tracker 3.61
Sitracker Support Incident Tracker 3.62
Sitracker Support Incident Tracker 3.45
Sitracker Support Incident Tracker 3.50
Sitracker Support Incident Tracker 3.64
Sitracker Support Incident Tracker 3.63
Sitracker Support Incident Tracker 3.51
Sitracker Support Incident Tracker 3.65
1 EDB exploit
NA
CVE-2011-4453
The PageListSort function in scripts/pagelist.php in PmWiki 2.x prior to 2.2.35 allows remote malicious users to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.1.17
Pmwiki Pmwiki 2.1.18
Pmwiki Pmwiki 2.1.19
Pmwiki Pmwiki 2.2.0
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.10
Pmwiki Pmwiki 2.0.12
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.1.15
Pmwiki Pmwiki 2.1.20
Pmwiki Pmwiki 2.1.22
Pmwiki Pmwiki 2.2.1
Pmwiki Pmwiki 2.2.8
2 EDB exploits
NA
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager prior to 1.1, as used in tinymce prior to 1.4.2, phpMyFAQ 2.6 prior to 2.6.19 and 2.7 prior to 2.7.1, and possibly other products, allows remote malicious users to inject arbitrary PHP cod...
Phpletter Ajax File And Image Manager 1.0
Phpletter Ajax File And Image Manager 0.5.7
Phpletter Ajax File And Image Manager 0.5.5
Phpletter Ajax File And Image Manager 0.5
Phpletter Ajax File And Image Manager
Phpmyfaq Phpmyfaq 2.7.0
Phpmyfaq Phpmyfaq 2.6.10
Phpmyfaq Phpmyfaq 2.6.5
Phpmyfaq Phpmyfaq 2.6.4
Phpmyfaq Phpmyfaq 2.6.3
Phpletter Ajax File And Image Manager 0.9
Phpletter Ajax File And Image Manager 0.7.10
Phpletter Ajax File And Image Manager 0.6.12
Phpmyfaq Phpmyfaq 2.6.18
Phpmyfaq Phpmyfaq 2.6.16
Phpmyfaq Phpmyfaq 2.6.8
Phpmyfaq Phpmyfaq 2.6.6
Phpmyfaq Phpmyfaq 2.6.2
Phpmyfaq Phpmyfaq 2.6.0
Phpletter Ajax File And Image Manager 0.8.24
Phpletter Ajax File And Image Manager 0.8.9
Phpletter Ajax File And Image Manager 0.8.8
6 EDB exploits
NA
CVE-2011-4074
Cross-site scripting (XSS) vulnerability in cmd.php in phpLDAPadmin 1.2.x prior to 1.2.2 allows remote malicious users to inject arbitrary web script or HTML via an _debug command.
Phpldapadmin Project Phpldapadmin 1.2.0
Phpldapadmin Project Phpldapadmin 1.2.0.1
Phpldapadmin Project Phpldapadmin 1.2.0.2
Phpldapadmin Project Phpldapadmin 1.2.0.3
Phpldapadmin Project Phpldapadmin 1.2.0.4
Phpldapadmin Project Phpldapadmin 1.2.0.5
Phpldapadmin Project Phpldapadmin 1.2.1
Phpldapadmin Project Phpldapadmin 1.2.1.1
1 EDB exploit
NA
CVE-2011-4075
The masort function in lib/functions.php in phpLDAPadmin 1.2.x prior to 1.2.2 allows remote malicious users to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011.
Phpldapadmin Project Phpldapadmin 1.2.0
Phpldapadmin Project Phpldapadmin 1.2.0.1
Phpldapadmin Project Phpldapadmin 1.2.0.2
Phpldapadmin Project Phpldapadmin 1.2.0.3
Phpldapadmin Project Phpldapadmin 1.2.0.4
Phpldapadmin Project Phpldapadmin 1.2.0.5
Phpldapadmin Project Phpldapadmin 1.2.1
Phpldapadmin Project Phpldapadmin 1.2.1.1
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »