Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
andrea fabrizi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4554
Multiple cross-site scripting (XSS) vulnerabilities in Snitz Forums 2000 3.4.07 allow remote malicious users to inject arbitrary web script or HTML via (1) the url parameter to pop_send_to_friend.asp, related to a crafted onload attribute of an IMG element; or (2) an onload attri...
Snitz Communications Snitz Forums 2000 3.4.07
3 EDB exploits
NA
CVE-2009-4742
Multiple SQL injection vulnerabilities in Docebo 3.6.0.3 allow remote malicious users to execute arbitrary SQL commands via (1) the word parameter in a play help action to the faq module, reachable through index.php; (2) the word parameter in a play keyw action to the link module...
Docebo Docebo 3.6.0.3
1 EDB exploit
NA
CVE-2005-0999
SQL injection vulnerability in the Top module for PHP-Nuke 6.x up to and including 7.6 allows remote malicious users to execute arbitrary SQL commands via the querylang parameter.
Francisco Burzi Php-nuke 6.5 Final
Francisco Burzi Php-nuke 6.5 Rc1
Francisco Burzi Php-nuke 7.1
Francisco Burzi Php-nuke 7.2
Francisco Burzi Php-nuke 6.0
Francisco Burzi Php-nuke 6.6
Francisco Burzi Php-nuke 6.7
Francisco Burzi Php-nuke 7.5
Francisco Burzi Php-nuke 7.6
Francisco Burzi Php-nuke 6.5
Francisco Burzi Php-nuke 6.5 Beta1
Francisco Burzi Php-nuke 6.9
Francisco Burzi Php-nuke 7.0
Francisco Burzi Php-nuke 7.0 Final
Francisco Burzi Php-nuke 6.5 Rc2
Francisco Burzi Php-nuke 6.5 Rc3
Francisco Burzi Php-nuke 7.3
Francisco Burzi Php-nuke 7.4
1 EDB exploit
NA
CVE-2011-5028
Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and previous versions, as used in Novell Sentinel prior to 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter...
Novell Sentinel Log Manager
1 EDB exploit
NA
CVE-2013-3586
Samsung Web Viewer for Samsung DVR devices allows remote malicious users to bypass authentication via an arbitrary SessionID value in a cookie.
Samsung Smart Viewer -
Samsung Dvr -
1 EDB exploit
NA
CVE-2013-3585
Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent malicious users to obtain sensitive information via vectors involving (1) direct access to a file or (2) the user-setup web page.
Samsung Smart Viewer -
1 EDB exploit
NA
CVE-2013-6987
Multiple directory traversal vulnerabilities in the FileBrowser components in Synology DiskStation Manager (DSM) prior to 4.3-3810 Update 3 allow remote malicious users to read, write, and delete arbitrary files via a .. (dot dot) in the (1) path parameter to file_delete.cgi or (...
Synology Diskstation Manager 4.3-3810
1 EDB exploit
1 Github repository
NA
CVE-2009-3828
The web interface for Everfocus EDR1600 DVR allows remote malicious users to bypass authentication and access live cams via certain vectors.
Everfocus Edr1600
1 EDB exploit
NA
CVE-2009-4571
Multiple SQL injection vulnerabilities in index.php in PhpShop 0.8.1 allow remote malicious users to execute arbitrary SQL commands via the (1) module_id parameter in an admin/function_list action, the (2) vendor_id parameter in a vendor/vendor_form action, the (3) module_id para...
Phpshop Phpshop 0.8.1
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started