Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2405
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and previous versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard 1.5.3
Unclassified Newsboard Unclassified Newsboard 1.5.3 Patch3
Unclassified Newsboard Unclassified Newsboard 1.5.3a
Unclassified Newsboard Unclassified Newsboard 1.6.1
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2006-2406
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2006-2459
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter.
Php Fusion Php Fusion 6.00.307
Php Fusion Php Fusion 6.00.306
1 EDB exploit
NA
CVE-2006-2460
Sugar Suite Open Source (SugarCRM) 4.2 and previous versions, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote malicious users to conduct attacks such as directory traversal or PHP remote ...
Sugarcrm Sugarcrm 3.5
Sugarcrm Sugarcrm 4.0
Sugarcrm Sugarcrm 4.1
Sugarcrm Sugarcrm 4.2
1 EDB exploit
NA
CVE-2006-1346
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP s...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
NA
CVE-2006-1347
SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
Greg Neustaetter Gcards
1 EDB exploit
NA
CVE-2006-1348
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be res...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
NA
CVE-2006-1371
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and previous versions allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
Xhp Cms
1 EDB exploit
NA
CVE-2006-1480
Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote malicious users to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (...
Duda Webalbum
1 EDB exploit
NA
CVE-2006-1495
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote malicious users to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
Phpcollab Phpcollab 2.5.rc3
Netoffice Netoffice 2.5.3 Pl1
Phpcollab Phpcollab 2.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »