Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
egix vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-0911
TikiWiki CMS/Groupware prior to 6.7 LTS and prior to 8.4 allows remote malicious users to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) printpages or (3) printstructures parameter to (a) tiki-print_multi_pages.p...
Tiki Tikiwiki Cms\\/groupware
2 EDB exploits
7.5
CVSSv2
CVE-2012-1495
install/index.php in WebCalendar prior to 1.2.5 allows remote malicious users to execute arbitrary code via the form_single_user_login parameter.
Webcalendar Project Webcalendar
2 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2011-4453
The PageListSort function in scripts/pagelist.php in PmWiki 2.x prior to 2.2.35 allows remote malicious users to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive, leading to unintended use of the PHP create_function function.
Pmwiki Pmwiki 2.0.9
Pmwiki Pmwiki 2.1.0
Pmwiki Pmwiki 2.1.1
Pmwiki Pmwiki 2.1.2
Pmwiki Pmwiki 2.1.16
Pmwiki Pmwiki 2.1.17
Pmwiki Pmwiki 2.1.18
Pmwiki Pmwiki 2.1.19
Pmwiki Pmwiki 2.2.0
Pmwiki Pmwiki 2.0.0
Pmwiki Pmwiki 2.0.10
Pmwiki Pmwiki 2.0.12
Pmwiki Pmwiki 2.0.5
Pmwiki Pmwiki 2.0.7
Pmwiki Pmwiki 2.1.4
Pmwiki Pmwiki 2.1.6
Pmwiki Pmwiki 2.1.13
Pmwiki Pmwiki 2.1.15
Pmwiki Pmwiki 2.1.20
Pmwiki Pmwiki 2.1.22
Pmwiki Pmwiki 2.2.1
Pmwiki Pmwiki 2.2.8
2 EDB exploits
6.8
CVSSv2
CVE-2019-17132
vBulletin up to and including 5.5.4 mishandles custom avatars.
Vbulletin Vbulletin
1 EDB exploit
6.8
CVSSv2
CVE-2011-4449
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, which makes it easier for remote malicious users to execute arbitrary PHP code by ...
Wikkawiki Wikkawiki 1.3.2
Wikkawiki Wikkawiki 1.3.1
2 EDB exploits
7.5
CVSSv2
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager prior to 1.1, as used in tinymce prior to 1.4.2, phpMyFAQ 2.6 prior to 2.6.19 and 2.7 prior to 2.7.1, and possibly other products, allows remote malicious users to inject arbitrary PHP cod...
Phpletter Ajax File And Image Manager 1.0
Phpletter Ajax File And Image Manager 0.5.7
Phpletter Ajax File And Image Manager 0.5.5
Phpletter Ajax File And Image Manager 0.5
Phpletter Ajax File And Image Manager
Phpmyfaq Phpmyfaq 2.7.0
Phpmyfaq Phpmyfaq 2.6.10
Phpmyfaq Phpmyfaq 2.6.5
Phpmyfaq Phpmyfaq 2.6.4
Phpmyfaq Phpmyfaq 2.6.3
Phpletter Ajax File And Image Manager 0.9
Phpletter Ajax File And Image Manager 0.7.10
Phpletter Ajax File And Image Manager 0.6.12
Phpmyfaq Phpmyfaq 2.6.18
Phpmyfaq Phpmyfaq 2.6.16
Phpmyfaq Phpmyfaq 2.6.8
Phpmyfaq Phpmyfaq 2.6.6
Phpmyfaq Phpmyfaq 2.6.2
Phpmyfaq Phpmyfaq 2.6.0
Phpletter Ajax File And Image Manager 0.8.24
Phpletter Ajax File And Image Manager 0.8.9
Phpletter Ajax File And Image Manager 0.8.8
6 EDB exploits
5
CVSSv2
CVE-2021-26598
ImpressCMS prior to 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).
Impresscms Impresscms
7.5
CVSSv2
CVE-2021-26599
ImpressCMS prior to 1.4.3 allows include/findusers.php groups SQL Injection.
Impresscms Impresscms
6.8
CVSSv2
CVE-2008-6132
Eval injection vulnerability in reserve.php in phpScheduleIt 1.2.10 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via the start_date parameter.
Brickhost Phpscheduleit 1.0 Rc1
Brickhost Phpscheduleit 1.2.0
Brickhost Phpscheduleit 1.2.5
Brickhost Phpscheduleit 1.2.6
Brickhost Phpscheduleit 1.2.1
Brickhost Phpscheduleit 1.2.2
Brickhost Phpscheduleit 1.2.9
Brickhost Phpscheduleit 1.0.0rc1
Brickhost Phpscheduleit 1.0
Brickhost Phpscheduleit 1.2.3
Brickhost Phpscheduleit 1.2.4
Brickhost Phpscheduleit
Brickhost Phpscheduleit 1.2.7
Brickhost Phpscheduleit 1.2.8
2 EDB exploits
7.5
CVSSv2
CVE-2020-13380
openSIS prior to 7.4 allows SQL Injection.
Os4ed Opensis
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »