Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ghost hacker vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7087
PHP remote file inclusion vulnerability in search_wA.php in OpenPro 1.3.1 allows remote malicious users to execute arbitrary PHP code via a URL in the LIBPATH parameter.
Openpro Openpro 1.3.1
1 EDB exploit
NA
CVE-2008-6305
PHP remote file inclusion vulnerability in init.php in Free Directory Script 1.1.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the API_HOME_DIR parameter.
Freedirectoryscript Free Directory Script 1.1.1
1 EDB exploit
NA
CVE-2008-5932
CodeAvalanche FreeForum stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing the password via a direct request for _private/CAForum.mdb. NOTE: some of these details are obtai...
Codeavalanche Freeforum Nil
1 EDB exploit
NA
CVE-2008-5901
iyzi Forum 1.0 beta 3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file containing a password via a direct request for db/iyziforum.mdb. NOTE: some of these details are obtained from...
Iyziforum Iyzi Forum 1.0
1 EDB exploit
NA
CVE-2008-5596
Ikon AdManager 2.1 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for ikonBAnner_AdManager.mdb.
Dotnetindex Ikon Admanager
1 EDB exploit
NA
CVE-2008-5606
Gazatem QMail Mailing List Manager 1.2 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for qmail.mdb.
Gazatem Technologies Qmail Mailing List Manager 1.2
1 EDB exploit
NA
CVE-2008-5572
Professional Download Assistant 0.1 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for database/downloads.mdb.
Dotnetindex Professional Download Assistant 0.1
1 EDB exploit
NA
CVE-2008-4751
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 2.0 allows remote malicious users to inject arbitrary web script or HTML via the pg parameter, a different vector than CVE-2005-4597.
Epistream Ipei Guestbook 2.0
1 EDB exploit
NA
CVE-2008-4737
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote malicious users to inject arbitrary web script or HTML via the dom parameter.
Noc2 Whodomlite 1.1.3
1 EDB exploit
NA
CVE-2008-4669
Cross-site scripting (XSS) vulnerability in search.php in Dan Fletcher Recipe Script allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third par...
Dan Fletcher Recipe Script
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »