Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuffsaid vulnerabilities and exploits
(subscribe to this query)
515
VMScore
CVE-2006-5412
admin.php in PHP Outburst Easynews 4.4.1 and previous versions, when register_globals is enabled, allows remote malicious users to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Php Outburst Easynews
1 EDB exploit
515
VMScore
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector...
Middlebury College Segue Cms 1.5.8
Middlebury College Segue Cms
Middlebury College Segue Cms 1.3.5
Middlebury College Segue Cms 1.5.7
1 EDB exploit
515
VMScore
CVE-2006-5730
PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this ...
Modxcms Modxcms 0.9.1
Modxcms Modxcms
1 EDB exploit
755
VMScore
CVE-2006-5837
Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote malicious users to inject arbitrary PHP code into chat_log.php via the msg parameter.
Simplechat Simplechat 1.0.0
1 EDB exploit
685
VMScore
CVE-2006-6686
PHP remote file inclusion vulnerability in sender.php in Carsen Klock TextSend 1.5 allows remote malicious users to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
Textsend Textsend
1 EDB exploit
755
VMScore
CVE-2006-6739
PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote malicious users to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689.
Paristemi Paristemi 0.8.3
1 EDB exploit
755
VMScore
CVE-2006-6760
Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter.
Phpmymanga Phpmymanga 0.5
Phpmymanga Phpmymanga 0.8
Phpmymanga Phpmymanga
Phpmymanga Phpmymanga 0.6
Phpmymanga Phpmymanga 0.7
1 EDB exploit
685
VMScore
CVE-2006-6770
Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Jukebox 2.7 and previous versions, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the include_path parameter in (1) popup.php, (2) rss.php, (3) ajax_requ...
Jinzora Jinzora 2.0.1
Jinzora Jinzora
1 EDB exploit
685
VMScore
CVE-2006-6796
PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the ins_file parameter.
Mtcms Mtcms
1 EDB exploit
685
VMScore
CVE-2007-3141
PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote malicious users to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042.
Phpwebthings Phpwebthings 1.5.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »