Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zero-x vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-6555
cgi-bin/webutil.pl in The Puppet Master WebUtil allows remote malicious users to execute arbitrary commands via shell metacharacters in the dig command.
Puppetmaster Webutil 2.3
Puppetmaster Webutil 2.7
1 EDB exploit
1000
VMScore
CVE-2007-6176
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
Amensa-soft K\\+b-bestellsystem 2.3.3
1 EDB exploit
760
VMScore
CVE-2000-0187
EZShopper 3.0 loadpage.cgi CGI script allows remote malicious users to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.
Alex Heiphetz Group Ezshopper 3.0
2 EDB exploits
755
VMScore
CVE-2004-0070
PHP remote file inclusion vulnerability in module.php for ezContents allows remote malicious users to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code.
Visualshapers Ezcontents
1 EDB exploit
755
VMScore
CVE-2003-1131
PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote malicious users to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code.
Activecampaign Knowledgebuilder 3.0.1
Activecampaign Knowledgebuilder 2.0.1
Activecampaign Knowledgebuilder 2.1.0
Activecampaign Knowledgebuilder 2.1.4
1 EDB exploit
755
VMScore
CVE-2002-2190
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote malicious users to obtain the passwords via an HTTP request to a .user file.
Artscore Studios Cutecast Forum 1.2
1 EDB exploit
505
VMScore
CVE-2004-0237
Directory traversal vulnerability in index.php in Aprox PHP Portal allows remote malicious users to read arbitrary files via a full pathname in the show parameter.
1 EDB exploit
505
VMScore
CVE-2003-1207
Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string.
Crob Crob Ftp Server 3.5.1
1 EDB exploit
505
VMScore
CVE-2003-1545
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote malicious users to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addo...
Nukestyles Viewpage
Phpnuke Nukestyles Viewpage Module
1 EDB exploit
505
VMScore
CVE-2003-1166
Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote malicious users to view arbitrary files via a .. (dot dot) in the file parameter.
Http Commander Http Commander 4.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »