Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indoushka vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0755
PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote malicious users to execute arbitrary PHP code via a URL in the langFile parameter.
Wikyblog Wikyblog 1.7.3
1 EDB exploit
NA
CVE-2010-0756
Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote malicious users to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_Wiky, or (3) index.php/Edit/Main.
Wikyblog Wikyblog 1.7.3
1 EDB exploit
NA
CVE-2010-0757
Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension using the uploadform action, then accessing it via a direct request to the file in userfile...
Wikyblog Wikyblog 1.7.3
1 EDB exploit
NA
CVE-2010-0365
Cross-site scripting (XSS) vulnerability in search.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allows remote malicious users to inject arbitrary web script or HTML via the order parameter.
Bitscripts Bits Video Script 2.04
Bitscripts Bits Video Script 2.05
1 EDB exploit
NA
CVE-2010-0390
Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0, when Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, allows remote malicious users to execute arbitrary code by uploading a file w...
Phpf1 Max\\'s Image Uploader 1.0
1 EDB exploit
NA
CVE-2010-1065
Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/lebisoft.mdb.
Lebisoft Ziyaretci Defteri 7.4
Lebisoft Ziyaretci Defteri 7.5
1 EDB exploit
NA
CVE-2005-0952
Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Php Arena Pafiledb 3.1
1 EDB exploit
NA
CVE-2012-1198
base_ag_main.php in Basic Analysis and Security Engine (BASE) 1.4.5 allows remote malicious users to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action.
Secureideas Basic Analysis And Security Engine 1.4.5
1 EDB exploit
NA
CVE-2012-1211
Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote malicious users to inject arbitrary web script or HTML via the filecat parameter.
Powie Pfile 1.02
1 EDB exploit
NA
CVE-2009-4446
Cross-site scripting (XSS) vulnerability in admin.php in phpInstantGallery 1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Ikemcg Phpinstantgallery 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »