Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero-x vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-6555
cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote malicious users to execute arbitrary commands via shell metacharacters in the dig command.
Puppetmaster Webutil 2.3
Puppetmaster Webutil 2.7
1 EDB exploit
10
CVSSv2
CVE-2007-6176
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
Amensa-soft K\\+b-bestellsystem 2.3.3
1 EDB exploit
7.5
CVSSv2
CVE-2004-0070
PHP remote file inclusion vulnerability in module.php for ezContents allows remote malicious users to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
Visualshapers Ezcontents
1 EDB exploit
7.5
CVSSv2
CVE-2003-1131
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote malicious users to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Activecampaign Knowledgebuilder 3.0.1
Activecampaign Knowledgebuilder 2.0.1
Activecampaign Knowledgebuilder 2.1.0
Activecampaign Knowledgebuilder 2.1.4
1 EDB exploit
7.5
CVSSv2
CVE-2002-2190
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote malicious users to obtain the passwords via an HTTP request to a .user file.
Artscore Studios Cutecast Forum 1.2
1 EDB exploit
7.5
CVSSv2
CVE-2000-0187
EZShopper 3.0 loadpage.cgi CGI script allows remote malicious users to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.
Alex Heiphetz Group Ezshopper 3.0
2 EDB exploits
5
CVSSv2
CVE-2004-0237
Directory traversal vulnerability in index.php in Aprox PHP Portal allows remote malicious users to read arbitrary files via a full pathname in the show parameter.
1 EDB exploit
5
CVSSv2
CVE-2003-1207
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
5
CVSSv2
CVE-2003-1545
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote malicious users to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addo...
Nukestyles Viewpage
Phpnuke Nukestyles Viewpage Module
1 EDB exploit
5
CVSSv2
CVE-2003-1166
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote malicious users to view arbitrary files via a .. (dot dot) in the file parameter.
Http Commander Http Commander 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »