Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gammarays vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-2092
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) allows remote malicious users to inject arbitrary PHP code into posts.txt via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...
Limesoft Limesoft Guestbook 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-2093
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote malicious users to inject arbitrary PHP code into posts.txt via the message parameter.
Limesoft Limesoft Guestbook 1.0
1 EDB exploit
10
CVSSv2
CVE-2007-2147
admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions does not check for administrative credentials, which allows remote malicious users to read and modify the classes/vars.php and classes/varstuff.php configuration files via direct requests.
Stephen Craton Chatness
1 EDB exploit
6.5
CVSSv2
CVE-2007-2148
Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, wh...
Stephen Craton Chatness
1 EDB exploit
10
CVSSv2
CVE-2007-2149
Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the ...
Stephen Craton Chatness
1 EDB exploit
7.5
CVSSv2
CVE-2007-2141
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote malicious users to inject arbitrary PHP code into shouts.php via the shout parameter.
Shoutpro Shoutpro
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started