Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kingoftheworld vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2008-7163
Directory traversal vulnerability in mods/Integrated/index.php in SineCMS 2.3.5 and previous versions, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via the sine[config][index_main] parameter.
Sinecms Sinecms 2.1.1
Sinecms Sinecms 2.1
Sinecms Sinecms 2.2
Sinecms Sinecms 2.2.1
Sinecms Sinecms 2.0
Sinecms Sinecms
Sinecms Sinecms 2.3.2
Sinecms Sinecms 2.3.4
1 EDB exploit
755
VMScore
CVE-2008-0233
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and previous versions allows remote malicious users to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
Zero Cms Zero Cms 1.0 Alpha
1 EDB exploit
755
VMScore
CVE-2008-0232
Multiple SQL injection vulnerabilities in Zero CMS 1.0 Alpha allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to index.php, or the (2) f or t parameters to forums/index.php.
Zero Cms Zero Cms 1.0 Alpha
1 EDB exploit
755
VMScore
CVE-2007-6396
Direct static code injection vulnerability in index.php in Flat PHP Board 1.2 and previous versions allows remote malicious users to inject arbitrary PHP code via the (1) username, (2) password, and (3) email parameters when registering a user account, which can be executed by ac...
Myupb Flat Php Board 1.2
1 EDB exploit
505
VMScore
CVE-2007-6397
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and previous versions allow remote malicious users to (1) create arbitrary files via a .. (dot dot) in the username parameter when registering a user account, and (2) read arbitrary PHP files via a .....
Flat Php Board
1 EDB exploit
655
VMScore
CVE-2007-6399
index.php in Flat PHP Board 1.2 and previous versions allows remote authenticated users to obtain the password for the current user account by reading the password parameter value in the HTML source for the page generated by a profile action.
Myupb Flat Php Board
1 EDB exploit
505
VMScore
CVE-2007-6395
Flat PHP Board 1.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain credentials via a direct request for the username php file for any user account in users/.
Flat Php Board
1 EDB exploit
505
VMScore
CVE-2007-6398
Flat PHP Board 1.2 and previous versions allows remote malicious users to bypass authentication and obtain limited access to an arbitrary user account via the fpb_username cookie.
Flat Php Board
1 EDB exploit
435
VMScore
CVE-2007-6367
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) username (user) or (2) comment (commento) field, different vectors than CVE-2007-2357.
Sinecms Sinecms
1 EDB exploit
755
VMScore
CVE-2007-6366
Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the id parameter to mods/Calendar/index.php, accessed through a Calendar info action to mods.php; the id parameter to admin/mods_ad...
Sinecms Sinecms
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »