Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4063
Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get...
Csaba Godor Sapid Blog Beta 2 Initial
4 EDB exploits
NA
CVE-2006-4962
Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and previous versions allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence via the phpExt parameter, as demonstrated by executing PHP code in a log file.
Blue Dragon Php Blue Dragon Platinum 2.8.0
Blue Dragon Php Blue Dragon Platinum 2.9.1
2 EDB exploits
NA
CVE-2007-6172
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
NA
CVE-2006-4237
PHP remote file inclusion vulnerability in pageheaderdefault.inc.php in Invisionix Roaming System Remote (IRSR) 0.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the _sysSessionPath parameter.
Invisionix Systems Invisionix Roaming System Remote
1 EDB exploit
NA
CVE-2006-4329
Multiple PHP remote file inclusion vulnerabilities in Shadows Rising RPG (Pre-Alpha) 0.0.5b and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) core/includes/security.inc.php, (2) core/includes/smarty...
Shadows Rising Rpg Shadows Rising Rpg
1 EDB exploit
NA
CVE-2006-4419
SQL injection vulnerability in note.php in ProManager 0.73 allows remote malicious users to execute arbitrary SQL commands via the note_id parameter.
Promanager Promanager 0.73
1 EDB exploit
NA
CVE-2006-4458
Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and previous versions allows remote malicious users to include arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the GLOBALS[phpgw_info][user][pr...
Phpgroupware Phpgroupware 0.9.16.010
1 EDB exploit
NA
CVE-2007-2320
SQL injection vulnerability in kontakt.php in Papoo 3.02 and previous versions allows remote malicious users to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478.
Papoo Papoo
1 EDB exploit
NA
CVE-2007-2935
core/spellcheck/spellcheck.php in Fundanemt prior to 2.2.0.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the dict parameter.
Fundanemt Fundanemt
1 EDB exploit
NA
CVE-2007-3139
config/general.php in Quick.Cart 2.2 and previous versions uses a default username and password, which allows remote malicious users to access the application via a login action to admin.php. NOTE: this can be leveraged to upload and execute arbitrary code.
Open Solution Quick.cart
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »