Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k1tk4t vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-5250
PHP remote file inclusion vulnerability in lib/googlesearch/GoogleSearch.php in BlueShoes 4.6_public and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the APP[path][lib] parameter, a different vector than CVE-2006-2864.
Blueshoes Blueshoes Framework
1 EDB exploit
NA
CVE-2006-5256
PHP remote file inclusion vulnerability in claroline/inc/lib/import.lib.php in Claroline 1.8.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the includePath parameter.
Claroline Claroline 1.6
Claroline Claroline 1.6 Beta
Claroline Claroline 1.7.5
Claroline Claroline 1.7.6
Claroline Claroline 1.2
Claroline Claroline 1.3
Claroline Claroline 1.6 Rc1
Claroline Claroline 1.7
Claroline Claroline 1.7.7
Claroline Claroline
Claroline Claroline 1.4
Claroline Claroline 1.5
Claroline Claroline 1.7.1
Claroline Claroline 1.7.2
Claroline Claroline 1.5.3
Claroline Claroline 1.5.4
Claroline Claroline 1.7.3
Claroline Claroline 1.7.4
1 EDB exploit
NA
CVE-2006-5308
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) prior to 1.1.6 allow remote malicious users to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
Open Conference Systems Open Conference Systems
1 EDB exploit
NA
CVE-2006-5310
PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote malicious users to execute arbitrary PHP code via a URL in the...
Phpmyconferences Phpmyconferences
J-pierre Dezelus Les Visiteurs 2.0.1
1 EDB exploit
NA
CVE-2007-4156
Multiple SQL injection vulnerabilities in wolioCMS allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in common.php; and the (2) loginid parameter (uid variable), and possibly the (...
Woliocms Woliocms
1 EDB exploit
NA
CVE-2008-3203
js/pages/pages_data.php in AuraCMS 2.2 up to and including 2.2.2 does not perform authentication, which allows remote malicious users to add, edit, and delete web content via a modified id parameter.
Auracms Auracms 2.2.2
Auracms Auracms 2.2
Auracms Auracms 2.2.1
1 EDB exploit
NA
CVE-2007-0181
PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote malicious users to execute arbitrary PHP code via a URL in the _config[site_path] parameter.
Scriptaty Magic Photo Storage Website
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4