Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2013-3212
vtiger CRM 5.4.0 and previous versions contain local file-include vulnerabilities in 'customerportal.php' which allows remote malicious users to view files and execute local script code.
Vtiger Vtiger Crm
1 EDB exploit
NA
CVE-2012-1125
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin prior to 1.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with a PHP extension, then accessing it via a direct request to the fi...
Kishore Asokan Kish Guest Posting Plugin
Kishore Asokan Kish Guest Posting Plugin 1.0
1 EDB exploit
NA
CVE-2015-7712
Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and previous versions allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary PHP code via the (1) asc or (2) desc parameter.
Atutor Atutor
NA
CVE-2015-7816
The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik prior to 2.15.0 allows remote malicious users to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF) attacks, and execute arbitrary PHP code via a crafted HTTP header.
Matomo Matomo
NA
CVE-2014-8790
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 up to and including 3.3.x prior to 3.3.5 Beta 1, when in certain configurations, allows remote malicious users to read arbitrary files via the data parameter.
Get-simple Getsimple Cms 3.3.2
Get-simple Getsimple Cms 3.2
Cagintranetworks Getsimple Cms 3.3.3
Cagintranetworks Getsimple Cms 3.3.4
Get-simple Getsimple Cms 3.1.1
Get-simple Getsimple Cms 3.1.2
Get-simple Getsimple Cms 3.2.1
Get-simple Getsimple Cms 3.2.2
Get-simple Getsimple Cms 3.3.0
Get-simple Getsimple Cms 3.2.3
Get-simple Getsimple Cms 3.3.1
NA
CVE-2008-2686
webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and previous versions allows remote malicious users to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request...
Flux Cms Flux Cms 1.3
Flux Cms Flux Cms 1.31
Flux Cms Flux Cms 1.4
Flux Cms Flux Cms
Flux Cms Flux Cms 1.2
1 EDB exploit
NA
CVE-2008-3118
SQL injection vulnerability in play.php in PHPmotion 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the vid parameter.
Phpmotion Phpmotion
Phpmotion Phpmotion 1.0
1 EDB exploit
NA
CVE-2009-1911
Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and previous versions, as used in TinyWebGallery (TWG) 1.7.6 and previous versions, allows remote malicious users to include and execute arbitrary local files via a .. (dot do...
Tinywebgallery Tinywebgallery 1.7.5.1
Tinywebgallery Tinywebgallery 1.7.5
Tinywebgallery Tinywebgallery 1.7.3.3
Tinywebgallery Tinywebgallery 1.7.3.2
Tinywebgallery Tinywebgallery 1.6.2
Tinywebgallery Tinywebgallery 1.6.1
Tinywebgallery Tinywebgallery 1.5.2.1 20.09.2006 1000
Tinywebgallery Tinywebgallery 1.5.2 17.09.2006 1000
Tinywebgallery Tinywebgallery 1.7.4.5
Tinywebgallery Tinywebgallery 1.7.4.4
Tinywebgallery Tinywebgallery 1.7.3.1
Tinywebgallery Tinywebgallery 1.7.3-12.05.2008
Tinywebgallery Tinywebgallery 1.6
Tinywebgallery Tinywebgallery 1.5.5 30.10.2006 2200
Tinywebgallery Tinywebgallery 1.5.1 03.09.2006
Tinywebgallery Tinywebgallery 1.5.0.2 17.08.2006
Tinywebgallery Tinywebgallery 1.4.0.4
Tinywebgallery Tinywebgallery 1.4.0.3
Tinywebgallery Tinywebgallery 1.1.2
Tinywebgallery Tinywebgallery 1.1.1
Tinywebgallery Tinywebgallery 1.4.1.1
Tinywebgallery Tinywebgallery 1.4.1
1 EDB exploit
NA
CVE-2007-5452
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote malicious users to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
Php-stats Php-stats 0.1.9.2
1 EDB exploit
NA
CVE-2008-2742
Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 up to and including 1.3.2 allows remote malicious users to execute arbitrary code by uploading a file with .php followed by a safe ex...
Achievo Achievo 1.2.0
Achievo Achievo 1.2.1
Achievo Achievo 1.3.0
Achievo Achievo 1.3.1
Achievo Achievo 1.3.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »