Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nukedx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6577
SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Neocrome Land Down Under 8.0
Neocrome Seditio 1.10
2 EDB exploits
NA
CVE-2006-6177
SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and previous versions allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demon...
Neocrome Seditio
1 EDB exploit
NA
CVE-2006-4365
Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.php.
Vistabb Vistabb
1 EDB exploit
NA
CVE-2006-4368
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Integramod Integramod Portal 2.0
1 EDB exploit
NA
CVE-2006-4369
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
Integramod Integramod Portal 2.0
1 EDB exploit
NA
CVE-2006-2793
SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the hid parameter.
Aspsitem Aspsitem 1.83
Aspsitem Aspsitem
1 EDB exploit
NA
CVE-2006-2794
Hesabim.asp in ASPSitem 2.0 and previous versions allows remote malicious users to read private messages of other users via a modified id parameter.
Aspsitem Aspsitem 1.83
Aspsitem Aspsitem
1 EDB exploit
NA
CVE-2006-2755
Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and previous versions allows remote malicious users to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.
Ubbcentral Ubb.threads 5.0
Ubbcentral Ubb.threads 6.1.1
Ubbcentral Ubb.threads 6.2
Ubbcentral Ubb.threads 6.4.2
Ubbcentral Ubb.threads 6.4.3
Ubbcentral Ubb.threads 6.5.3
Ubbcentral Ubb.threads 5.5.1
Ubbcentral Ubb.threads 6.0
Ubbcentral Ubb.threads 6.2.1
Ubbcentral Ubb.threads 6.2.2
Ubbcentral Ubb.threads 6.4.4
Ubbcentral Ubb.threads 6.5
Ubbcentral Ubb.threads 6.0.3
Ubbcentral Ubb.threads 6.1
Ubbcentral Ubb.threads 6.4
Ubbcentral Ubb.threads 6.4.1
Ubbcentral Ubb.threads 6.5.2
Ubbcentral Ubb.threads 6.5.2 Beta2
Ubbcentral Ubb.threads 6.0.1
Ubbcentral Ubb.threads 6.0.2
Ubbcentral Ubb.threads 6.2.3
Ubbcentral Ubb.threads 6.3
1 EDB exploit
NA
CVE-2006-2725
SQL injection vulnerability in rss/posts.php in Eggblog prior to 3.07 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Epic Designs Eggblog
1 EDB exploit
NA
CVE-2006-2735
PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE:...
Activity Mod Plus Activity Mod Plus 1.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »