Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gammarays vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2007-2092
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) allows remote malicious users to inject arbitrary PHP code into posts.txt via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained sole...
Limesoft Limesoft Guestbook 1.0
1 EDB exploit
755
VMScore
CVE-2007-2093
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote malicious users to inject arbitrary PHP code into posts.txt via the message parameter.
Limesoft Limesoft Guestbook 1.0
1 EDB exploit
755
VMScore
CVE-2007-2141
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2 allows remote malicious users to inject arbitrary PHP code into shouts.php via the shout parameter.
Shoutpro Shoutpro
1 EDB exploit
1000
VMScore
CVE-2007-2147
admin/options.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions does not check for administrative credentials, which allows remote malicious users to read and modify the classes/vars.php and classes/varstuff.php configuration files via direct requests.
Stephen Craton Chatness
1 EDB exploit
655
VMScore
CVE-2007-2148
Direct static code injection vulnerability in admin/save.php in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, wh...
Stephen Craton Chatness
1 EDB exploit
1000
VMScore
CVE-2007-2149
Stephen Craton (aka WiredPHP) Chatness 2.5.3 and previous versions stores usernames and unencrypted passwords in (1) classes/vars.php and (2) classes/varstuff.php, and recommends 0666 or 0777 permissions for these files, which allows local users to gain privileges by reading the ...
Stephen Craton Chatness
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started