Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indoushka vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1199
Multiple PHP remote file inclusion vulnerabilities in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) BASE_path parameter to base_ag_main.php, (2) base_db_setup.php, (3) base_graph_common.php, (4) bas...
Secureideas Basic Analysis And Security Engine 1.4.5
38 EDB exploits
NA
CVE-2010-2005
Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the selected_language parameter to engine/inc/include/init.php, (2) the config[langs] parameter to engine/inc/help.php, (3) ...
Datalifecms Datalife Engine 8.3
4 EDB exploits
NA
CVE-2012-1200
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote malicious users to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to administrator/modules/moduleslist.php, (3) filename parameter to includes/...
Nova-cms Nova Cms -
4 EDB exploits
NA
CVE-2010-0366
Multiple unrestricted file upload vulnerabilities in (1) register.php and (2) addvideo.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allow remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a dire...
Bitscripts Bits Video Script 2.04
Bitscripts Bits Video Script 2.05
2 EDB exploits
NA
CVE-2010-0367
Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta, and possibly 2.04, allow remote malicious users to execute arbitrary PHP code via a URL in the rowptem[template] parameter to (1) showcasesearch.php and (2) showcase2search.php.
Bitscripts Bits Video Script 2.04
Bitscripts Bits Video Script 2.05
2 EDB exploits
NA
CVE-2010-1111
Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete Website allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to joke.php and the (2) searchingred parameter to results.php.
Easysitenetwork Jokes Complete Website
2 EDB exploits
NA
CVE-2004-1975
Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote malicious users to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.
Php Arena Pafiledb 3.0
Php Arena Pafiledb 3.0 Beta 3.1
Php Arena Pafiledb 3.1
1 EDB exploit
NA
CVE-2012-1210
SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pfile 1.02
1 EDB exploit
NA
CVE-2012-1211
Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote malicious users to inject arbitrary web script or HTML via the filecat parameter.
Powie Pfile 1.02
1 EDB exploit
NA
CVE-2009-4461
Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php.
Flatpress Flatpress 0.909
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »