Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zorlu vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-5649
SQL injection vulnerability in admin/admin.php in AlstraSoft Article Manager Pro 1.6 allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Alstrasoft Article Manager Pro 1.6
1 EDB exploit
935
VMScore
CVE-2008-4720
Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote malicious users to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php.
Arzdev Gemini Portal 4.7
1 EDB exploit
935
VMScore
CVE-2008-0805
Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote malicious users to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...
Reality Medias Phpizabi 0.848b
1 EDB exploit
930
VMScore
CVE-2008-6543
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8...
Comscripts Quick Classifieds 1.0
36 EDB exploits
905
VMScore
CVE-2008-4767
Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote malicious users to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of...
Php-nuke Downloadsplus Module
1 EDB exploit
795
VMScore
CVE-2008-1466
Multiple PHP remote file inclusion vulnerabilities in W-Agora 4.0 allow remote malicious users to execute arbitrary PHP code via a URL in the bn_dir_default parameter to (1) add_user.php, (2) create_forum.php, (3) create_user.php, (4) delete_notes.php, (5) delete_user.php, (6) ed...
W-agora W-agora 4.0
9 EDB exploits
770
VMScore
CVE-2008-6438
SQL injection vulnerability in macgurublog_menu/macgurublog.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote malicious users to execute arbitrary SQL commands via the uid parameter, a different vector than CVE-2008-2455. NOTE: it was later reported that 2.1.4 is a...
E107coders Macguru Blog Engine Plugin 2.2
4 EDB exploits
770
VMScore
CVE-2007-0820
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote malicious users to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of ...
Cedric Claire Portailphp 2
4 EDB exploits
765
VMScore
CVE-2014-9448
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a long string in a WAX file.
Mini-stream Rm-mp3 Converter 3.1.2.1.2010.03.30
3 EDB exploits
765
VMScore
CVE-2008-6196
Multiple PHP remote file inclusion vulnerabilities in Philippe CROCHAT EasySite 2.0 allow remote malicious users to execute arbitrary PHP code via a URL in the EASYSITE_BASE parameter to (1) browser.php, (2) image_editor.php and (3) skin_chooser.php in configuration/. NOTE: the p...
Philippe Crochat Easysite 2.0
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »