Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mhz91 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-4815
Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote malicious users to execute arbitrary PHP code via a URL in the Codebase parameter to (1) channeledit.php, (2) post.php, (3) view.php, or (4) viewitem.php in source/mod/r...
Markus Iser Ed Engine 0.8999 Alpha
1 EDB exploit
NA
CVE-2008-0818
Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php.
Freephpgallery Freephpgallery 0.6
1 EDB exploit
NA
CVE-2007-6474
Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote malicious users to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vectors.
Gf 3xplorer Gf 3xplorer 2.4
1 EDB exploit
NA
CVE-2007-6488
Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the dir[classes] parameter to sitemap.xml.php or (2) the error parameter to errors.php.
Falcon Series One Cms 1.4.3
1 EDB exploit
NA
CVE-2007-6489
Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) gb_mail, (2) gb_name, and (3) gb_text parameters in a guestbook action to index.php, and unspecified other vectors.
Falcon Series One Cms 1.4.3
1 EDB exploit
NA
CVE-2007-6490
Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote malicious users to change a password via a certain changepass action to index.php.
Falcon Series One Cms 1.4.3
1 EDB exploit
NA
CVE-2007-6178
Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the confdir parameter to (1) dbutil.bck.php and (2) dbutil.php in config/.
Easy Hosting Control Panel Easy Hosting Control Panel 0.22.8
1 EDB exploit
NA
CVE-2007-6179
Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote malicious users to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2) gallery.php in decoder/.
Kinson Chan Charray Cms 0.9.3
1 EDB exploit
NA
CVE-2007-6344
Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the template parameter.
Mcms Easy Web Make 0
1 EDB exploit
NA
CVE-2007-6475
Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the lang_sel parameter to (1) updater.php and (2) thumber.php.
Gf 3xplorer Gf 3xplorer 2.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »