Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ashiyane digital security team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9119
Directory traversal vulnerability in download.php in the DB Backup plugin 4.5 and previous versions for Wordpress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Db Backup Project Db Backup
1 EDB exploit
NA
CVE-2012-6653
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin prior to 1.2.0 for WordPress has unspecified impact and attack vectors.
All Video Gallery Plugin Project All Video Gallery Plugin 1.0.0
All Video Gallery Plugin Project All Video Gallery Plugin
1 EDB exploit
NA
CVE-2013-7187
SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and previous versions for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ncrafts Formcraft 1.3.1
Ncrafts Formcraft 1.3
Ncrafts Formcraft
Ncrafts Formcraft 1.3.6
Ncrafts Formcraft 1.2.1
Ncrafts Formcraft 1.2
Ncrafts Formcraft 1.3.3
Ncrafts Formcraft 1.3.2
Ncrafts Formcraft 1.3.5
Ncrafts Formcraft 1.3.4
Ncrafts Formcraft 1.1
1 EDB exploit
NA
CVE-2013-6873
SQL injection vulnerability in Testa Online Test Management System (OTMS) 2.0.0.2 allows remote malicious users to execute arbitrary SQL commands via the test_id parameter.
Testa Online Test Management System 2.0.0.2
1 EDB exploit
NA
CVE-2013-5961
Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in lazy-seo/.
Danny Morris Lazy Seo 1.1.9
1 EDB exploit
NA
CVE-2013-3532
SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the theme parameter.
Webdorado Spider Video Player 2.1
1 EDB exploit
NA
CVE-2013-3530
SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote malicious users to execute arbitrary SQL commands via the playlist_id parameter.
Fabricio Zuardi Xspf Player Plugin 0.1
1 EDB exploit
NA
CVE-2005-2077
Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote malicious users to inject arbitrary web script or HTML via the error parameter.
Hosting Controller Hosting Controller 1.1
Hosting Controller Hosting Controller 6.1 Hotfix 1.7
Hosting Controller Hosting Controller 6.1 Hotfix 1.9
Hosting Controller Hosting Controller 1.4.1
Hosting Controller Hosting Controller 1.4b
Hosting Controller Hosting Controller 6.1
Hosting Controller Hosting Controller 6.1 Hotfix 1.4
Hosting Controller Hosting Controller 1.3
Hosting Controller Hosting Controller 1.4
Hosting Controller Hosting Controller 6.1 Hotfix 2.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started