Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

hans-martin muench vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2014-7883
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote malicious users to obtain sensitive information by reading the headers of a response.
Hp Universal Configuration Management Database 10.11Hp Universal Configuration Management Database 10.01Hp Universal Configuration Management Database 9.05
NA
CVE-2014-6043
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the database via a direct request to event/runQuery.do. Fixed in Build 10000.
Zohocorp Manageengine Eventlog Analyzer 9.0Zohocorp Manageengine Eventlog Analyzer 8.2
NA
CVE-2015-1376
pixabay-images.php in the Pixabay Images plugin prior to 2.4 for WordPress does not validate hostnames, which allows remote authenticated users to write to arbitrary files via an upload URL with a host other than pixabay.com.
Pixabay Images Project Pixabay Images
NA
CVE-2015-1365
Directory traversal vulnerability in pixabay-images.php in the Pixabay Images plugin prior to 2.4 for WordPress allows remote malicious users to write to arbitrary files via a .. (dot dot) in the q parameter.
Pixabay Images Project Pixabay Images
NA
CVE-2015-1366
Cross-site scripting (XSS) vulnerability in pixabay-images.php in the Pixabay Images plugin prior to 2.4 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the image_user parameter.
Pixabay Images Project Pixabay Images
NA
CVE-2015-1375
pixabay-images.php in the Pixabay Images plugin prior to 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote malicious users to write to arbitrary files.
Pixabay Images Project Pixabay Images
NA
CVE-2014-6037
Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote malicious users to execute arbitrary code by uploading a ZIP file which contains an executable file with .. (dot dot) sequences in i...
Zohocorp Manageengine Eventlog Analyzer 9.0Zohocorp Manageengine Eventlog Analyzer 8.2
NA
CVE-2010-0738
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 prior to 4.2.0.CP09 and 4.3 prior to 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote malicious users to send requests...
Redhat Jboss Enterprise Application Platform 4.2.0Redhat Jboss Enterprise Application Platform 4.2Redhat Jboss Enterprise Application Platform 4.3.0Redhat Jboss Enterprise Application Platform 4.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook