Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuffsaid vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2006-6686
PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote malicious users to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
Textsend Textsend
1 EDB exploit
755
VMScore
CVE-2006-6720
PHP remote file inclusion vulnerability in admin/index_sitios.php in Azucar CMS 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the _VIEW parameter.
Azucar Cms Azucar Cms 1.3
1 EDB exploit
515
VMScore
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector...
Middlebury College Segue Cms 1.5.8
Middlebury College Segue Cms
Middlebury College Segue Cms 1.3.5
Middlebury College Segue Cms 1.5.7
1 EDB exploit
755
VMScore
CVE-2006-5837
Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote malicious users to inject arbitrary PHP code into chat_log.php via the msg parameter.
Simplechat Simplechat 1.0.0
1 EDB exploit
685
VMScore
CVE-2006-6042
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_bottom parameter.
Phpwebthings Phpwebthings
1 EDB exploit
515
VMScore
CVE-2006-5412
admin.php in PHP Outburst Easynews 4.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Php Outburst Easynews
1 EDB exploit
265
VMScore
CVE-2006-5432
Multiple direct static code injection vulnerabilities in db/txt.inc.php in phpPowerCards 2.10, when register_globals is enabled, allow remote malicious users to create or overwrite arbitrary files via the (1) email[to], (2) email[from], (3) name[to], (4) name[from], (5) picture, ...
Marc Giombetti Phppowercards 2.10
1 EDB exploit
685
VMScore
CVE-2007-0135
PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the current_path parameter.
Aratix Aratix
1 EDB exploit
515
VMScore
CVE-2006-6715
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the settings[footer] parameter.
Powerscripts Powerclan
1 EDB exploit
755
VMScore
CVE-2006-6739
PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote malicious users to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689.
Paristemi Paristemi 0.8.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »