Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
265
VMScore
CVE-2006-3571
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.
Papoo Papoo 2.1.2
Papoo Papoo 2.1.5
Papoo Papoo 3.0.0 Rc3
1 EDB exploit
465
VMScore
CVE-2006-3608
The Gallery module in Simone Vellei Flatnuke 2.5.7 and previous versions, when Gallery uploads are enabled, does not restrict the extensions of uploaded files that begin with a GIF header, which allows remote authenticated users to execute arbitrary PHP code via an uploaded .php ...
Flatnuke Flatnuke 1.8
Flatnuke Flatnuke 2.0
Flatnuke Flatnuke 1.6
Flatnuke Flatnuke 1.7
Flatnuke Flatnuke
Flatnuke Flatnuke 1.0
Flatnuke Flatnuke 1.5
Flatnuke Flatnuke 2.5.5
Flatnuke Flatnuke 2.5.6
Flatnuke Flatnuke 2.5.1
Flatnuke Flatnuke 2.5.3
1 EDB exploit
555
VMScore
CVE-2006-3611
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then i...
Phorum Phorum 3.2.2
Phorum Phorum
Phorum Phorum 5.0.15
Phorum Phorum 3.1.1 Pre
Phorum Phorum 5.0.1 Alpha
Phorum Phorum 3.4.6
Phorum Phorum 3.2.3
Phorum Phorum 5.0.13a
Phorum Phorum 5.0.15a
Phorum Phorum 3.2.7
Phorum Phorum 3.4.3
Phorum Phorum 5.0.2 Alpha
Phorum Phorum 5.0.5 Beta
Phorum Phorum 5.0.19
Phorum Phorum 5.1.13
Phorum Phorum 3.1.1
Phorum Phorum 3.2.8
Phorum Phorum 3.3.1a
Phorum Phorum 5.0.7a Beta
Phorum Phorum 3.4.4
Phorum Phorum 5.0.17
Phorum Phorum 5.0.17a
1 EDB exploit
685
VMScore
CVE-2006-3904
SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and previous versions, with magic_quotes_gpc disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Etomite Etomite 0.6
Etomite Etomite
1 EDB exploit
755
VMScore
CVE-2006-4859
Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and previous versions allows remote malicious users to upload PHP code to the images/contact folder via a filename with a double extension in t...
Limbo Cms Limbo Cms 1.0.4.1
Limbo Cms Limbo Cms 1.0.4.2
Limbo Cms Limbo Cms 1.0.4.2l
1 EDB exploit
645
VMScore
CVE-2006-4963
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP c...
Exponent Exponent Cms 0.96.3
1 EDB exploit
755
VMScore
CVE-2006-5030
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
Exv2 Content Management System
1 EDB exploit
755
VMScore
CVE-2006-0565
PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.
Gerrit Van Aaken Loudblog 0.1
Gerrit Van Aaken Loudblog 0.2
Gerrit Van Aaken Loudblog 0.3
Gerrit Van Aaken Loudblog
1 EDB exploit
505
VMScore
CVE-2006-0714
Directory traversal vulnerability in the installation file (sql/install-0.9.7.php) in Flyspray 0.9.7 allows remote malicious users to include arbitrary files via a .. (dot dot) sequence in the adodbpath parameter.
Flyspray Flyspray 0.9.7
1 EDB exploit
755
VMScore
CVE-2005-3926
Direct static code injection vulnerability in error.php in GuppY 4.5.9 and previous versions, when register_globals is disabled, allows remote malicious users to execute arbitrary PHP code via the _SERVER[REMOTE_ADDR] parameter, which is injected into a .inc script that is later ...
Guppy Guppy 4.5.9
Guppy Guppy 4.5
Guppy Guppy 4.5.3
Guppy Guppy 4.5.3a
Guppy Guppy 4.5.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »