Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1164
Nodez 4.6.1.1 and previous versions stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote malicious users to obtain usernames and password hashes by directly accessing list.gtdat.
Nodez Nodez 4.6.1.1
1 EDB exploit
NA
CVE-2006-1219
Directory traversal vulnerability in Gallery 2.0.3 and previous versions, and 2.1 before RC-2a, allows remote malicious users to include arbitrary PHP files via ".." (dot dot) sequences in the stepOrder parameter to (1) upgrade/index.php or (2) install/index.php.
Gallery Project Gallery 2.0.3
Gallery Project Gallery 2.0 Alpha
Gallery Project Gallery 2.0 Beta3
Gallery Project Gallery 2.1 Rc1
Gallery Project Gallery 2.0
Gallery Project Gallery 2.0 Alpha3
Gallery Project Gallery 2.0 Alpha4
Gallery Project Gallery 2.0 Alpha1
Gallery Project Gallery 2.0 Alpha2
Gallery Project Gallery 2.1 Rc2
Gallery Project Gallery 2.0.1
Gallery Project Gallery 2.0.2
Gallery Project Gallery 2.0 Beta1
Gallery Project Gallery 2.0 Beta2
1 EDB exploit
NA
CVE-2006-1243
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demo...
Alexander Palmo Simple Php Blog 0.4.6
Alexander Palmo Simple Php Blog 0.4.7
Alexander Palmo Simple Php Blog 0.4.0
Alexander Palmo Simple Php Blog 0.4.5
Alexander Palmo Simple Php Blog
1 EDB exploit
NA
CVE-2006-1291
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and previous versions does not require authentication for write access to the calendars directory, which allows remote malicious users to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filenam...
Php Icalendar Php Icalendar 2.0
Php Icalendar Php Icalendar 2.0.1
Php Icalendar Php Icalendar 2.0a2
Php Icalendar Php Icalendar 2.0b
Php Icalendar Php Icalendar 2.0c
Php Icalendar Php Icalendar 2.1
Php Icalendar Php Icalendar
1 EDB exploit
NA
CVE-2006-1292
Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and php...
Php Icalendar Php Icalendar 2.0
Php Icalendar Php Icalendar 2.0.1
Php Icalendar Php Icalendar 2.0a2
Php Icalendar Php Icalendar 2.0b
Php Icalendar Php Icalendar 2.0c
Php Icalendar Php Icalendar 2.1
Php Icalendar Php Icalendar
1 EDB exploit
NA
CVE-2006-1346
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP s...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
NA
CVE-2006-1347
SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
Greg Neustaetter Gcards
1 EDB exploit
NA
CVE-2006-1348
Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be res...
Greg Neustaetter Gcards
Greg Neustaetter Gcards 1.43
Greg Neustaetter Gcards 1.44
1 EDB exploit
NA
CVE-2011-4858
Apache Tomcat prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sendi...
Apache Tomcat 6.0.33
Apache Tomcat 7.0.12
Apache Tomcat 6.0.6
Apache Tomcat 7.0.20
Apache Tomcat 6.0.11
Apache Tomcat 6.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 6.0.22
Apache Tomcat 6.0.25
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 7.0.22
Apache Tomcat 5.5.35
Apache Tomcat 6.0.15
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.18
Apache Tomcat 6.0.20
Apache Tomcat 7.0.14
1 EDB exploit
NA
CVE-2005-2540
CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote malicious users to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, w...
Flatnuke Flatnuke 2.5.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »