Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuffsaid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-3141
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042.
Phpwebthings Phpwebthings 1.5.2
1 EDB exploit
NA
CVE-2006-6715
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings[footer] parameter.
Powerscripts Powerclan
1 EDB exploit
NA
CVE-2006-6740
Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the incpath paramet...
Phpprofiles Phpprofiles 2.1
Phpprofiles Phpprofiles
1 EDB exploit
NA
CVE-2007-0135
PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the current_path parameter.
Aratix Aratix
1 EDB exploit
NA
CVE-2006-5412
admin.php in PHP Outburst Easynews 4.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Php Outburst Easynews
1 EDB exploit
NA
CVE-2006-5433
PHP remote file inclusion vulnerability in modules/guestbook/index.php in ALiCE-CMS 0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the CONFIG[local_root] parameter.
Timm Maass Alice Cms 0.1
1 EDB exploit
NA
CVE-2006-5497
PHP remote file inclusion vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the themesdir parameter.
Middlebury College Segue Cms
1 EDB exploit
NA
CVE-2006-6790
Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and previous versions allows remote malicious users to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php.
Ultimate Php Board Ultimate Php Board
1 EDB exploit
NA
CVE-2006-5730
PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this ...
Modxcms Modxcms 0.9.1
Modxcms Modxcms
1 EDB exploit
NA
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector...
Middlebury College Segue Cms 1.5.8
Middlebury College Segue Cms
Middlebury College Segue Cms 1.3.5
Middlebury College Segue Cms 1.5.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »