Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k1tk4t vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-5300
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some...
Wzdftpd Wzdftpd 0.8.0
Wzdftpd Wzdftpd 0.8.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote malicious users to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the ...
Redline Software Lanai Cms 1.2.14
4 EDB exploits
7.5
CVSSv2
CVE-2006-6634
Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and previous versions component for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events.php, (2) the ...
Mambo Extcalthai Module
2 EDB exploits
7.5
CVSSv2
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action...
Freewebshop Freewebshop 2.2.1
2 EDB exploits
7.5
CVSSv2
CVE-2007-4804
Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote malicious users to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may ...
Auracms Auracms 1.5 Rc
1 EDB exploit
7.5
CVSSv2
CVE-2007-4808
Multiple SQL injection vulnerabilities in TLM CMS 3.2 allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to news.php in a lirenews action, (2) the idnews parameter to goodies.php in a lire action, (3) the id parameter to file.php in a voir act...
Tlm Cms Tlm Cms 3.2
Tlm Cms Tlm Cms 1.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-4845
Multiple SQL injection vulnerabilities in UPLOAD/index.php in RW::Download 2.0.3 lite allow remote malicious users to execute arbitrary SQL commands via the (1) dlid or (2) cid parameter.
Rwscripts.com Rw Download Lite 2.0.3
1 EDB exploit
6.8
CVSSv2
CVE-2007-4886
Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote malicious users to execute arbitrary PHP code via a (1) UNC share pathname, or a (2) ftp, (3) ftps, or (4) ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is b...
Auracms Auracms 1.1
Auracms Auracms 1.2
Auracms Auracms 2.1
Auracms Auracms 1.6 Beta
Auracms Auracms 1.61
Auracms Auracms 1.3
Auracms Auracms 1.5
Auracms Auracms 1.0
Auracms Auracms 1.62
Auracms Auracms 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-4905
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote malicious users to upload and execute arbitrary PHP files via the image parameter, which places a file under files/.
Auracms Auracms 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-4908
Directory traversal vulnerability in index.php in AuraCMS 2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter.
Auracms Auracms 1.5 Rc
Auracms Auracms 1.62
Auracms Auracms 1.0
Auracms Auracms 1.5
Auracms Auracms 2.0
Auracms Auracms 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »