Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fred vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-1010178
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixe...
Modx Fred 1.0.0
7.2
CVSSv2
CVE-1999-0137
The dip program on many Linux systems allows local users to gain root access via a buffer overflow.
Fred N. Van Kempen Dip 3.3.7o
2 EDB exploits
4.3
CVSSv2
CVE-2008-5271
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote malicious users to inject arbitrary web script or HTML via the section parameter.
Syndeocms Syndeocms 2.6.0
1 EDB exploit
6.8
CVSSv2
CVE-2007-5840
PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman SyndeoCMS 2.5.01 allows remote malicious users to execute arbitrary PHP code via a URL in the cmsdir parameter, a different vector than CVE-2006-4920.2.
Syndeocms Syndeocms 2.5.1
1 EDB exploit
4
CVSSv2
CVE-2008-5272
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, re...
Syndeocms Syndeocms 2.6.0
1 EDB exploit
7.6
CVSSv2
CVE-2006-3747
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions prior to 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote malicious users to cause a denial of service (application crash) and possib...
Apache Http Server
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 3.1
4 EDB exploits
2 Github repositories
5
CVSSv2
CVE-2010-4301
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 up to and including 1.4.1 allows remote malicious users to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.
Wireshark Wireshark 1.4.0
Wireshark Wireshark 1.4.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started