Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gold_m vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-6651
Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote malicious users to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.
Oxyproject Oxybox 0.85
1 EDB exploit
1000
VMScore
CVE-2008-4873
board.cgi in Sepal SPBOARD 4.5 allows remote malicious users to execute arbitrary commands via shell metacharacters in the file parameter during a down_file action.
Sepal Spboard 4.5
1 EDB exploit
1000
VMScore
CVE-2008-4502
Multiple PHP remote file inclusion vulnerabilities in DataFeedFile (DFF) PHP Framework API allow remote malicious users to execute arbitrary PHP code via a URL in the DFF_config[dir_include] parameter to (1) DFF_affiliate_client_API.php, (2) DFF_featured_prdt.func.php, (3) DFF_me...
Datafeedfile Dff Framework Api
1 EDB exploit
1000
VMScore
CVE-2007-2200
Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote malicious users to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.
Pagode Pagode 0.5.8
1 EDB exploit
1000
VMScore
CVE-2007-1697
PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the CssFile parameter.
Philex Philex
1 EDB exploit
1000
VMScore
CVE-2007-1640
Multiple PHP remote file inclusion vulnerabilities in ClassWeb 2.03 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the BASE parameter to (1) language.php and (2) phpadmin/survey.php.
Classweb Classweb
1 EDB exploit
1000
VMScore
CVE-2007-1620
Multiple PHP remote file inclusion vulnerabilities in PHP DB Designer 1.02 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) _SESSION[SITE_PATH] parameter to (a) wind/help.php or (b) wind/about.php, or the (2) _SESSION[DRIVER] p...
Php Db Designer Php Db Designer
1 EDB exploit
1000
VMScore
CVE-2007-1621
PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CV...
Lbstone Active Php Bookmark Notes
1 EDB exploit
1000
VMScore
CVE-2007-1372
PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote malicious users to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter.
Postguestbook Postguestbook 0.6.1
1 EDB exploit
945
VMScore
CVE-2009-1437
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and previous versions allows remote malicious users to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.
Coolplayer Coolplayer 2.19.1
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »