Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ellipsis security vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-29536
In GNOME Epiphany prior to 41.4 and 42.x prior to 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Gnome Epiphany
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2006-3926
Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote malicious users to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php.
Php Pro Bid Php Pro Bid 5.24
2 EDB exploits
NA
CVE-2006-3271
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote malicious users to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) ...
Softbiz Dating Script 1.0
5 EDB exploits
NA
CVE-2006-3886
SQL injection vulnerability in Shalwan MusicBox 2.3.4 and previous versions allows remote malicious users to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is already covere...
Musicbox Musicbox 2.3
Musicbox Musicbox 2.3.3
Musicbox Musicbox 2.3.4
Musicbox Musicbox 2.3 Beta 2
1 EDB exploit
NA
CVE-2006-3927
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote malicious users to inject arbitrary web script or HTML via the advsrc parameter.
Php Pro Bid Php Pro Bid 5.24
1 EDB exploit
NA
CVE-2006-7072
Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and previous versions allows remote malicious users to inject arbitrary web script and HTML via the (1) b[username] and (2) c parameters to (a) index.php, the b[username] parameter to (b) admin/index.ph...
Geodesicsolutions Geoclassifieds Enterprise 2.0.5.2
Geodesicsolutions Geoclassifieds Enterprise 2.0.5.0
Geodesicsolutions Geoclassifieds Enterprise 2.0.5.1
1 EDB exploit
NA
CVE-2006-3405
Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.
Qto Qtofilemanager 1.0
1 EDB exploit
NA
CVE-2006-3259
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment).
E107 E107 0.547 Beta
E107 E107 0.548 Beta
E107 E107 0.555 Beta
E107 E107 0.6 10
E107 E107 0.600
E107 E107 0.601
E107 E107 0.609
E107 E107 0.610
E107 E107 0.616
E107 E107 0.617
E107 E107 0.7.1
E107 E107 0.7.2
E107 E107 0.552 Beta
E107 E107 0.553 Beta
E107 E107 0.6 13
E107 E107 0.6 14
E107 E107 0.604
E107 E107 0.605
E107 E107 0.606
E107 E107 0.613
E107 E107 0.614
E107 E107 0.6173
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started