Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
k1tk4t vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-5300
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions allows remote malicious users to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow. NOTE: some...
Wzdftpd Wzdftpd 0.8.0
Wzdftpd Wzdftpd 0.8.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-4210
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote malicious users to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the ...
Redline Software Lanai Cms 1.2.14
4 EDB exploits
7.5
CVSSv2
CVE-2006-6634
Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and previous versions component for Mambo allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events.php, (2) the ...
Mambo Extcalthai Module
2 EDB exploits
7.5
CVSSv2
CVE-2007-6466
Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote malicious users to execute arbitrary SQL commands via (1) the prod parameter in a details action, (2) the cat parameter in a browse list action, or (3) the group parameter in a categories action...
Freewebshop Freewebshop 2.2.1
2 EDB exploits
7.5
CVSSv2
CVE-2007-4736
SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote malicious users to execute arbitrary SQL commands via the category_id parameter.
Cartkeeper Ckgold Shopping Cart 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-4905
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote malicious users to upload and execute arbitrary PHP files via the image parameter, which places a file under files/.
Auracms Auracms 2.1
1 EDB exploit
NA
CVE-2005-1032
Rejected reason: cart.php in LiteCommerce might allow remote malicious users to obtain sensitive information via invalid (1) category_id or (2) product_id parameters. NOTE: this issue was originally claimed to be due to SQL injection, but the original researcher is known to be fr...
1 EDB exploit
7.5
CVSSv2
CVE-2006-5495
Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik...
Trawler Trawler Web Cms
1 EDB exploit
7.5
CVSSv2
CVE-2006-5249
PHP remote file inclusion vulnerability in tagmin/delTagUser.php in TagIt! Tagboard 2.1.B Build 2 (tagit2b) allows remote malicious users to execute arbitrary PHP code via a URL in the configpath parameter.
Tagit Tagboard 2.1.b Build 2
1 EDB exploit
7.5
CVSSv2
CVE-2006-5254
PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_ab...
Mamboxchange Extended Registration
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »