Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
s.w.a.t. vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-4757
PHP remote file inclusion vulnerability in menu.php in phpMytourney allows remote malicious users to execute arbitrary PHP code via a URL in the functions_file parameter.
Phpmytourney Phpmytourney
1 EDB exploit
5.8
CVSSv2
CVE-2008-0501
Directory traversal vulnerability in phpMyClub 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page_courante parameter to the top-level URI.
Sourceforge Phpmyclub 0.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-0573
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the racineTBS parameter.
Nsgalphp Nsgalphp 0.41
1 EDB exploit
6.8
CVSSv2
CVE-2008-6751
Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settin...
Revou Tclone
1 EDB exploit
7.5
CVSSv2
CVE-2007-4978
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
Phpsyncml Phpsyncml
1 EDB exploit
7.5
CVSSv2
CVE-2008-6150
SQL injection vulnerability in classdis.asp in SepCity Classified Ads allows remote malicious users to execute arbitrary SQL commands via the ID parameter.
Sepcity Classified Ads -
1 EDB exploit
7.5
CVSSv2
CVE-2007-6137
SQL injection vulnerability in news.php in Content Injector 1.52 allows remote malicious users to execute arbitrary SQL commands via the cat parameter to index.php. NOTE: some of these details are obtained from third party information.
P3mbo Content Injector 1.52
1 EDB exploit
7.5
CVSSv2
CVE-2008-4709
SQL injection vulnerability in news_read.php in Pilot Group (PG) eTraining allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Pilot Group Etraining
1 EDB exploit
7.5
CVSSv2
CVE-2008-0144
PHP remote file inclusion vulnerability in index.php in NetRisk 1.9.7 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the page parameter. NOTE: this can also be leveraged for local file inclusion using directory traversal sequences.
Phprisk Netrisk 1.9.7
1 EDB exploit
6.8
CVSSv2
CVE-2007-5315
PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the livealbum_dir parameter.
Softpedia Livealbum 0.9.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »