Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nukedx vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6177
SQL injection vulnerability in system/core/users/users.profile.inc.php in Neocrome Seditio 1.10 and previous versions allows remote authenticated users to execute arbitrary SQL commands via a double-url-encoded id parameter to users.php that begins with a valid filename, as demon...
Neocrome Seditio
1 EDB exploit
4.3
CVSSv2
CVE-2006-0175
Cross-site scripting (XSS) vulnerability in search_form.asp in Web Wiz Forums 6.34 allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Webwiz Web Wiz Forums 6.34
1 EDB exploit
7.5
CVSSv2
CVE-2006-4368
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Integramod Integramod Portal 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-1994
PHP remote file inclusion vulnerability in dForum 1.5 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the DFORUM_PATH parameter to (1) about.php, (2) admin.php, (3) anmelden.php, (4) losethread.php, (5) config.php, (6) delpost.php, (...
Dforum Dforum 1.5
1 EDB exploit
10
CVSSv2
CVE-2006-1000
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
G2soft Pentacle In-out Board 6.03
1 EDB exploit
7.5
CVSSv2
CVE-2006-0870
SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.
Mini-nuke Mini-nuke Cms
1 EDB exploit
5
CVSSv2
CVE-2006-2002
PHP remote file inclusion vulnerability in stats.php in MyGamingLadder 7.0 allows remote malicious users to execute arbitrary PHP code via a URL in the dir[base] parameter.
Mygamingladder Mygamingladder 7.0
1 EDB exploit
7.5
CVSSv2
CVE-2006-2005
Eval injection vulnerability in index.php in ClanSys 1.1 allows remote malicious users to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been d...
Clansys Clansys 1.1
1 EDB exploit
5.8
CVSSv2
CVE-2006-2028
Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the imagedir parameter. NOTE: this issue might be resultant from directory traversal.
Simplog Simplog
1 EDB exploit
6.4
CVSSv2
CVE-2006-2032
Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php.
Corenews Corenews
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »