Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kacper vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-6172
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
1000
VMScore
CVE-2006-7183
PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the toroot parameter.
Photography-on-the-net Exhibit Engine 2
1 EDB exploit
1000
VMScore
CVE-2007-1643
Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in (1) the CONFIG[directories][userpanel_dir] parameter to userpanel.php or the (2) _LIB_DIR par...
Lan Management System Lan Management System
1 EDB exploit
935
VMScore
CVE-2006-6869
Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and previous versions, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) ...
Maxdev Mdforum
1 EDB exploit
770
VMScore
CVE-2006-4063
Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get...
Csaba Godor Sapid Blog Beta 2 Initial
4 EDB exploits
760
VMScore
CVE-2014-9173
SQL injection vulnerability in view.php in the Google Doc Embedder plugin prior to 2.5.15 for WordPress allows remote malicious users to execute arbitrary SQL commands via the gpid parameter.
Google Doc Embedder Project Google Doc Embedder
2 EDB exploits
760
VMScore
CVE-2006-7128
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote malicious users to execute arbitrary PHP code via a URL in the website parameter.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
760
VMScore
CVE-2006-4278
PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the mainnav parameter.
Sportsphool Sportsphool 1.0
2 EDB exploits
755
VMScore
CVE-2017-11151
A vulnerability in synotheme_upload.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to upload arbitrary files without authentication via the logo_upload action.
Synology Photo Station
Synology Photo Station 6.3-2967
1 EDB exploit
755
VMScore
CVE-2017-11153
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station prior to 6.7.3-3432 and 6.3-2967 allows remote malicious users to gain administrator privileges via a crafted serialized payload.
Synology Photo Station 6.3-2967
Synology Photo Station
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »