Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2005-3929
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote malicious users to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.
Xaraya Xaraya 1.0 Rc3
Xaraya Xaraya 1.0 Rc4
Xaraya Xaraya 1.0 Rc1
Xaraya Xaraya 1.0 Rc2
1 EDB exploit
755
VMScore
CVE-2005-3968
SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and previous versions allows remote malicious users to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter.
Phpx Phpx 3.5.9
Phpx Phpx 3.5.2
Phpx Phpx 3.5
Phpx Phpx 3.5.3
Phpx Phpx 3.5.7
Phpx Phpx 3.5.1
Phpx Phpx 3.5.8
Phpx Phpx 3.5.4
Phpx Phpx 3.5.5
Phpx Phpx 3.5.6
1 EDB exploit
755
VMScore
CVE-2005-4171
The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote malicious users to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes th...
Efiction Project Efiction 1.1
1 EDB exploit
505
VMScore
CVE-2011-4858
Apache Tomcat prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sendi...
Apache Tomcat 6.0.33
Apache Tomcat 7.0.12
Apache Tomcat 6.0.6
Apache Tomcat 7.0.20
Apache Tomcat 6.0.11
Apache Tomcat 6.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 6.0.22
Apache Tomcat 6.0.25
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 7.0.22
Apache Tomcat 5.5.35
Apache Tomcat 6.0.15
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 6.0.20
Apache Tomcat 7.0.14
1 EDB exploit
405
VMScore
CVE-2005-4449
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbi...
Flatnuke Flatnuke 2.5.6
1 EDB exploit
505
VMScore
CVE-2011-5035
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allo...
Oracle Glassfish Server
Oracle Glassfish Server 2.1.1
Oracle Glassfish Server 3.0.1
1 EDB exploit
785
VMScore
CVE-2007-2430
shared/code/tce_tmx.php in TCExam 4.0.011 and previous versions allows remote malicious users to create arbitrary PHP files in cache/ by placing file contents and directory traversal manipulations into a SessionUserLang cookie to public/code/index.php.
Tecnick.com Tcexam
1 EDB exploit
685
VMScore
CVE-2007-2431
Dynamic variable evaluation vulnerability in shared/config/tce_config.php in TCExam 4.0.011 and previous versions allows remote malicious users to conduct cross-site scripting (XSS) and possibly other attacks by modifying critical variables such as $_SERVER, as demonstrated by in...
Tecnick.com Tcexam
1 EDB exploit
785
VMScore
CVE-2007-2539
The show_files function in RunCms 1.5.2 and previous versions allows remote malicious users to obtain sensitive information (file existence and file metadata) via unspecified vectors.
Runcms Runcms
1 EDB exploit
755
VMScore
CVE-2006-7247
SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the title parameter.
Joomla Com Weblinks
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »