CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-2701

Malware in sbrugna...

5CVSS6.1AI score0.0144EPSS

Exploits1References9

Cvelist•added 2009/02/27 11:0 a.m.•14 views

CVE-2008-6315

PHP remote file inclusion vulnerability in conf/core/common-tpl-vars.php in PHPmyGallery 1.0 beta2 allows remote attackers to execute arbitrary PHP code via a URL in the confdir parameter, a different issue than CVE-2008-6316...

7.3AI score0.03676EPSS

Exploits1References2

0day.today•added 2008/12/09 12:0 a.m.•19 views

PHPmyGallery 1.5beta (common-tpl-vars.php) LFI/RFI Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== PHPmyGallery 1.5beta common-tpl-vars.php LFI/RFI Vulnerabilities ================================================================== Phpmygallery-1.5beta common-tpl-vars.php...

7.1AI score

Exploits0

Prion•added 2008/05/12 8:20 p.m.•11 views

Design/Logic Flaw

wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATHINFO $PHPSELF, which allows remote attackers to bypass intended access restrictions for certain pages...

7.5CVSS7.2AI score0.00583EPSS

Exploits1References5Affected Software1

OSV•added 2008/05/12 8:20 p.m.•0 views

DEBIAN-CVE-2008-2146

7.5CVSS7AI score0.00583EPSS

Exploits1References1

Cvelist•added 2008/05/12 8:0 p.m.•15 views

CVE-2008-2146

6.5AI score0.00583EPSS

Exploits1References5

CVE•added 2008/01/04 11:0 a.m.•36 views

CVE-2007-6658

CVE-2007-6658 concerns a SQL injection in the CustomCMS (CCMS) 3.1 Demo, specifically in the files/admin.php/vars.php. The underlying issue is an injection vulnerability exploitable via the p parameter on the Console page, enabling remote attackers to execute arbitrary SQL commands. The available...

7.5CVSS8.4AI score0.00924EPSS

Exploits1References6Affected Software1

Cvelist•added 2006/05/31 10:0 a.m.•17 views

CVE-2006-2702

vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PCREMOTEADDR HTTP header, which vars.php uses to redefine $SERVER'REMOTEADDR'...

6.5AI score0.0144EPSS

Exploits1References8

CVE•added 2006/05/31 10:0 a.m.•44 views

CVE-2006-2702

CVE-2006-2702 : WordPress 2.0.2 contains a vulnerability where vars.php may redefine $_SERVER['REMOTE_ADDR'] using the PC_REMOTE_ADDR HTTP header, allowing remote IP spoofing (noted on Mac OS X). The issue is supported by connected advisories indicating remediation through upgrading to WordPress ...

5CVSS6.5AI score0.0144EPSS

Exploits1References8Affected Software1

Debian CVE•added 2006/05/31 10:0 a.m.•16 views

CVE-2006-2702

5CVSS5AI score0.0144EPSS

Exploits1

Patchstack•added 2006/05/30 12:0 a.m.•13 views

WordPress <= 2.0.2 - Shell Injection

Because of this vulnerability in vars.php, the attackers can spoof their IP address via a PCREMOTEADDR HTTP header and include a remote file. Solution Update the WordPress to the latest available version at least 2.0.3...

5CVSS3.1AI score0.0144EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by