Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rgod vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3103
Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php.
Bitweaver Bitweaver 1.3
1 EDB exploit
NA
CVE-2006-3105
CRLF injection vulnerability in Bitweaver 1.3 allows remote malicious users to conduct HTTP response splitting attacks by via CRLF sequences in multiple unspecified parameters that are injected into HTTP headers, as demonstrated by the BWSESSION parameter in index.php.
Bitweaver Bitweaver 1.3
1 EDB exploit
NA
CVE-2006-7070
Unrestricted file upload vulnerability in manager/media/ibrowser/scripts/rfiles.php in Etomite CMS 0.6.1 and previous versions allows remote malicious users to upload and execute arbitrary files via an nfile[] parameter with a filename that contains a .php extension followed by a...
Etomite Etomite
Etomite Etomite 0.6
1 EDB exploit
NA
CVE-2012-2052
Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x prior to 12.0.5 and CS5.1 12.1.x prior to 12.1.1 allows remote malicious users to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value i...
Adobe Photoshop Cs5.1 12.1
Adobe Photoshop Cs5 12.0
Adobe Photoshop Cs5 12.0.2
Adobe Photoshop Cs5 12.0.4
Adobe Photoshop Cs5 12.0.1
Adobe Photoshop Cs5 12.0.3
1 EDB exploit
NA
CVE-2005-4449
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbi...
Flatnuke Flatnuke 2.5.6
1 EDB exploit
NA
CVE-2006-0786
Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and previous versions, with allow_url_fopen enabled, allows remote malicious users to conduct PHP remote file include attacks via a path parameter that specifies a (1) UNC share or (2) ftps URL, which byp...
Phpkit Phpkit
1 EDB exploit
NA
CVE-2005-3390
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote malicious users to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS&...
Php Php 3.0.14
Php Php 3.0.15
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.5
Php Php 4.3.6
Php Php 5.0.2
Php Php 5.0.3
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
1 EDB exploit
NA
CVE-2005-4171
The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote malicious users to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes th...
Efiction Project Efiction 1.1
1 EDB exploit
NA
CVE-2005-4213
SQL injection vulnerability in mod.php in phpCOIN 1.2.2 allows remote malicious users to execute arbitrary SQL commands via the phpcoinsessid cookie.
Coinsoft Technologies Phpcoin 1.2.2
1 EDB exploit
NA
CVE-2006-3532
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter.
Pivot Pivot 1.30 Rc2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »