Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staker vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-4592
Directory traversal vulnerability in index.php in Sports Clubs Web Panel 0.0.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
Sportspanel Sports Clubs Web Portal 0.0.1
2 EDB exploits
10
CVSSv2
CVE-2008-4486
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and previous versions, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
Yerba Yerba
Yerba Yerba 6.28
2 EDB exploits
9.3
CVSSv2
CVE-2008-6734
Directory traversal vulnerability in Public/index.php in Keller Web Admin CMS 0.94 Pro allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the action parameter.
Keller Web Admin Kwa 0.94
2 EDB exploits
7.8
CVSSv2
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote malicious users to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
Easy-script Wysi Wiki Wyg 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4106
Unrestricted file upload vulnerability in admintools/editpage-2.php in Agoko CMS 0.4 and previous versions allows remote malicious users to inject and execute arbitrary PHP code via the filename and text parameters.
Ohloh Agoko Cms
1 EDB exploit
7.5
CVSSv2
CVE-2008-7069
All Club CMS (ACCMS) 0.0.2 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain database configuration information, including credentials, via a direct request to accms.dat.
Paul Arbogast Accms 0.0.1c
Paul Arbogast Accms 0.0.1a
Paul Arbogast Accms
Paul Arbogast Accms 0.0.1h
Paul Arbogast Accms 0.0.1f
Paul Arbogast Accms 0.0.1g
Paul Arbogast Accms 0.0.1d
Paul Arbogast Accms 0.0.1e
1 EDB exploit
7.5
CVSSv2
CVE-2008-6952
SQL injection vulnerability in Rss.php in MauryCMS 0.53.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the c parameter.
Cms.maury91 Maurycms 0.53.2
1 EDB exploit
7.5
CVSSv2
CVE-2009-2176
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and previous versions, when magic_quotes_gpc is disabled, allow remote malicious users to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.ph...
Fuzzylime Fuzzylime Cms 3.03a
1 EDB exploit
7.5
CVSSv2
CVE-2009-2147
SQL injection vulnerability in fdown.php in phpWebThings 1.5.2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Phpwebthings Phpwebthings 1.0
Phpwebthings Phpwebthings 0.3
Phpwebthings Phpwebthings 0.2b
Phpwebthings Phpwebthings 0.2
Phpwebthings Phpwebthings 0.1
Phpwebthings Phpwebthings
Phpwebthings Phpwebthings 1.1a
Phpwebthings Phpwebthings 1.4
Phpwebthings Phpwebthings 0.4.1
Phpwebthings Phpwebthings 0.4
Phpwebthings Phpwebthings 1.4.4
Phpwebthings Phpwebthings 1.5.0
Phpwebthings Phpwebthings 1.5.1
Phpwebthings Phpwebthings 0.4.2
Phpwebthings Phpwebthings 0.6.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-6795
SQL injection vulnerability in view_news.php in nicLOR Vibro-School-CMS allows remote malicious users to execute arbitrary SQL commands via the nID parameter.
Niclor Vibro-school-cms
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »