Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

elar lang vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv3
CVE-2016-4040
SQL injection vulnerability in the Workflow Screen in dotCMS prior to 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
7.2
CVSSv3
CVE-2016-10008
SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS prior to 3.7.2 and 4.x prior to 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter.
Dotcms Dotcms
9.8
CVSSv3
CVE-2016-8902
SQL injection vulnerability in the categoriesServlet servlet in dotCMS prior to 3.3.1 allows remote not authenticated malicious users to execute arbitrary SQL commands via the sort parameter.
Dotcms Dotcms
8.8
CVSSv3
CVE-2016-8903
SQL injection vulnerability in the "Site Browser > Templates pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
8.8
CVSSv3
CVE-2016-8904
SQL injection vulnerability in the "Site Browser > Containers pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
8.8
CVSSv3
CVE-2016-8905
SQL injection vulnerability in the JSONTags servlet in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the sort parameter.
Dotcms Dotcms
8.8
CVSSv3
CVE-2016-8906
SQL injection vulnerability in the "Site Browser > Links pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
8.8
CVSSv3
CVE-2016-8908
SQL injection vulnerability in the "Site Browser > HTML pages" screen in dotCMS prior to 3.3.1 allows remote authenticated malicious users to execute arbitrary SQL commands via the orderby parameter.
Dotcms Dotcms
7.5
CVSSv3
CVE-2016-4803
CRLF injection vulnerability in the send email functionality in dotCMS prior to 3.3.2 allows remote malicious users to inject arbitrary email headers via CRLF sequences in the subject.
Dotcms Dotcms
6.5
CVSSv3
CVE-2018-18809
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperRepo...
Tibco Jasperreports Server 6.4.0Tibco Jasperreports Library 6.4.1Tibco Jasperreports Server 6.4.2Tibco Jasperreports Library 6.4.2Tibco Jasperreports ServerTibco Jasperreports Server 6.4.1Tibco Jasperreports Server 6.4.3Tibco Jasperreports Server 7.1.0Tibco Jasperreports Server 6.3.4Tibco Jasperreports LibraryTibco Jasperreports Library 6.3.4Tibco Jasperreports Library 6.4.21Tibco Jasperreports Library 7.1.0Tibco Jasperreports Library 7.2.0Tibco Jaspersoft Reporting And AnalyticsTibco Jaspersoft
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook