Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
federico fazzi vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-3019
Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote malicious users to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) clas...
Phpcms Phpcms 1.2.1 P12
10 EDB exploits
5.1
CVSSv2
CVE-2006-2922
Multiple PHP remote file inclusion vulnerabilities in MiraksGalerie 2.62 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) g_pcltar_lib_dir parameter in (a) pcltar.lib.php when register_globals is enabled, and (2) listconfigfile[] parameter in (b) ga...
Miraks Miraksgalerie 2.62
2 EDB exploits
6.4
CVSSv2
CVE-2006-3076
PHP remote file inclusion vulnerability in software_upload/public_includes/pub_templates/vphptree/template.php in PhpBlueDragon CMS 2.9.1 allows remote malicious users to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter.
Phpbluedragon Phpbluedragon Cms 2.9.1
1 EDB exploit
5.1
CVSSv2
CVE-2006-2928
Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter in (1) dialogs/img.php and (2) dialogs/td.php.
Cms-bandits Cms-bandits 2.5
1 EDB exploit
5
CVSSv2
CVE-2006-2971
Integer overflow in the recv_packet function in 0verkill 0.16 allows remote malicious users to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function.
Overkill Overkill 0.16
1 EDB exploit
5.8
CVSSv2
CVE-2006-3189
Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Hotplug Cms Hotplug Cms 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-3042
Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php...
Ispconfig Ispconfig 2.2.3
1 EDB exploit
5
CVSSv2
CVE-2006-5568
FtpXQ Server 3.0.1 allows remote malicious users to cause a denial of service (CPU exhaustion) via a long MKD command.
Datawizard Ftpxq 3.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-3172
Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote malicious users to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll...
Content\\*builder Content\\*builder 0.7.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started