Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file away project file away vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0431
The File Away WordPress plugin up to and including 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
File Away Project File Away
7.5
CVSSv2
CVE-2005-2103
Buffer overflow in the AIM and ICQ module in Gaim prior to 1.5.0 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Gaim Project Gaim
1 EDB exploit
NA
CVE-2022-36667
Garage Management System 1.0 is vulnerable to the Remote Code Execution (RCE) due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE.
Garage Management System Project Garage Management System 1.0
5
CVSSv2
CVE-2011-3848
Directory traversal vulnerability in Puppet 2.6.x prior to 2.6.10 and 2.7.x prior to 2.7.4 allows remote malicious users to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject o...
Puppet Puppet 2.6.2
Puppet Puppet 2.6.3
Puppetlabs Puppet 2.7.0
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.0
Puppet Puppet 2.6.1
Puppet Puppet 2.6.8
Puppet Puppet 2.6.9
Puppet Puppet 2.6.6
Puppet Puppet 2.6.7
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.7.2
Puppet Puppet 2.7.3
6.3
CVSSv2
CVE-2011-3869
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.3
Puppet Puppet 2.6.1
Puppet Puppet 2.6.8
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.3
Puppet Puppet 2.6.2
Puppet Puppet 2.6.9
Puppet Puppet 2.6.4
Puppet Puppet 2.6.5
Puppet Puppet 2.6.10
Puppet Puppet 2.7.4
Puppet Puppet 2.6.0
Puppet Puppet 2.6.7
Puppet Puppet 2.6.6
Puppet Puppet 0.25.1
Puppet Puppet 0.25.2
Puppet Puppet 0.25.3
Puppet Puppet 0.25.0
Puppet Puppet 0.25.6
Puppet Puppet 0.25.4
6.2
CVSSv2
CVE-2011-3871
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.4
Puppet Puppet 2.6.3
Puppet Puppet 2.6.10
Puppet Puppet 2.6.0
Puppet Puppet 2.6.6
Puppet Puppet 2.6.5
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.4
Puppet Puppet 2.6.2
Puppet Puppet 2.6.1
Puppet Puppet 2.7.3
Puppet Puppet 2.6.9
Puppet Puppet 2.6.8
Puppet Puppet 2.6.7
Puppet Puppet 0.25.4
Puppet Puppet 0.25.5
Puppet Puppet 0.25.3
Puppet Puppet 0.25.2
Puppet Puppet 0.25.1
Puppet Puppet 0.25.0
6.3
CVSSv2
CVE-2011-3870
Puppet 2.7.x prior to 2.7.5, 2.6.x prior to 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
Puppetlabs Puppet 2.7.0
Puppet Puppet 2.7.4
Puppet Puppet 2.6.2
Puppet Puppet 2.6.1
Puppet Puppet 2.7.2
Puppetlabs Puppet 2.7.1
Puppet Puppet 2.6.4
Puppet Puppet 2.6.3
Puppet Puppet 2.6.10
Puppet Puppet 2.6.0
Puppet Puppet 2.6.6
Puppet Puppet 2.6.5
Puppet Puppet 2.7.3
Puppet Puppet 2.6.9
Puppet Puppet 2.6.8
Puppet Puppet 2.6.7
Puppet Puppet 0.25.3
Puppet Puppet 0.25.2
Puppet Puppet 0.25.4
Puppet Puppet 0.25.5
Puppet Puppet 0.25.1
Puppet Puppet 0.25.0
5
CVSSv2
CVE-2005-2370
Multiple "memory alignment errors" in libgadu, as used in ekg prior to 1.6rc2, Gaim prior to 1.5.0, and other packages, allows remote malicious users to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
Ekg Ekg 2005-04-11
Ekg Ekg 2005-06-05
Rob Flynn Gaim
Ekg Ekg 1.3
Ekg Ekg 1.4
Ekg Ekg 1.1
Ekg Ekg 1.5
Ekg Ekg 1.6 Rc1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started