Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
high-tech bridge sa vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-4170
A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information.
Freereprintables Articlefr
1 EDB exploit
NA
CVE-2013-6788
The Bitrix e-Store module prior to 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote malicious users to guess the cookie value and bypass authentication via a brute force attack.
Bitrix Bitrix E-store Module
6.1
CVSSv3
CVE-2015-3421
The eshop_checkout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and previous versions does not validate variables in the "eshopcart" HTTP cookie, which allows remote malicious users to perform cross-site scripting (XSS) attacks, or a path disclosure att...
Eshop Project Eshop
NA
CVE-2012-4233
LibreOffice 3.5.x prior to 3.5.7.2 and 3.6.x prior to 3.6.1, and OpenOffice.org (OOo), allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon ...
Libreoffice Libreoffice 3.5.0
Libreoffice Libreoffice 3.5.3
Libreoffice Libreoffice 3.5.1
Libreoffice Libreoffice 3.5.4
Libreoffice Libreoffice 3.5.
Libreoffice Libreoffice 3.5.6
Libreoffice Libreoffice 3.5.6.1
Libreoffice Libreoffice 3.5.2
Libreoffice Libreoffice 3.5.5
Libreoffice Libreoffice 3.5.5.1
Sun Openoffice.org -
Libreoffice Libreoffice 3.5.6.2
Libreoffice Libreoffice 3.5.6.3
Libreoffice Libreoffice
Libreoffice Libreoffice 3.5
Libreoffice Libreoffice 3.5.5.2
Libreoffice Libreoffice 3.5.5.3
NA
CVE-2012-1664
Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax prior to 2.5.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) username parameter in a process action to admin/login.php; (2) pageTitle, (3) current_product_id, or (4)...
Oscmax Oscmax
9 EDB exploits
NA
CVE-2011-5214
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/admin/admin_module_index.php, or (3) modules/calendar/customise_cal...
Browsercrm Browsercrm 4.999.20
Browsercrm Browsercrm 4.691.01
Browsercrm Browsercrm 4.622.00
Browsercrm Browsercrm 4.620.01
Browsercrm Browsercrm 4.612.00
Browsercrm Browsercrm 4.611.01
Browsercrm Browsercrm
Browsercrm Browsercrm 5.100.00
Browsercrm Browsercrm 4.624.90
Browsercrm Browsercrm 4.624.80
Browsercrm Browsercrm 4.619.00
Browsercrm Browsercrm 4.617.00
Browsercrm Browsercrm 4.610.00
Browsercrm Browsercrm 4.607.00
Browsercrm Browsercrm 5.002.00
Browsercrm Browsercrm 5.001.00
Browsercrm Browsercrm 4.624.70
Browsercrm Browsercrm 4.624.60
Browsercrm Browsercrm 4.616.00
Browsercrm Browsercrm 4.615.11
Browsercrm Browsercrm 4.605.00
Browsercrm Browsercrm 4.604.01
4 EDB exploits
NA
CVE-2012-1507
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM prior to 2.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, o...
Orangehrm Orangehrm 2.6.0
Orangehrm Orangehrm 2.6.0.1
Orangehrm Orangehrm
Orangehrm Orangehrm 2.6.2
Orangehrm Orangehrm 2.6.9
Orangehrm Orangehrm 2.6
Orangehrm Orangehrm 2.6.11.3
Orangehrm Orangehrm 2.6.12
Orangehrm Orangehrm 2.6.7
Orangehrm Orangehrm 2.6.8
Orangehrm Orangehrm 2.6.8.1
Orangehrm Orangehrm 2.6.11
Orangehrm Orangehrm 2.6.11.2
Orangehrm Orangehrm 2.6.5
Orangehrm Orangehrm 2.6.6
Orangehrm Orangehrm 2.6.1
Orangehrm Orangehrm 2.6.10
Orangehrm Orangehrm 2.6.3
Orangehrm Orangehrm 2.6.4
3 EDB exploits
NA
CVE-2012-0991
Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/pati...
Openemr Openemr 4.1.0
3 EDB exploits
NA
CVE-2011-4802
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4...
Dolibarr Dolibarr Erp\\/crm 2.9.0
Dolibarr Dolibarr Erp\\/crm 2.8.1
Dolibarr Dolibarr Erp\\/crm
Dolibarr Dolibarr Erp\\/crm 2.6.0
Dolibarr Dolibarr Erp\\/crm 3.0.0
Dolibarr Dolibarr Erp\\/crm 2.7.1
Dolibarr Dolibarr Erp\\/crm 2.6.1
Dolibarr Dolibarr Erp\\/crm 2.5.0
Dolibarr Dolibarr Erp\\/crm 2.7.0
Dolibarr Dolibarr Erp\\/crm 2.8.0
Dolibarr Dolibarr Erp\\/crm 3.0.1
3 EDB exploits
NA
CVE-2012-1039
Multiple cross-site scripting (XSS) vulnerabilities in Dotclear prior to 2.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) stat...
Dotclear Dotclear 1.2.8
Dotclear Dotclear 1.2.7
Dotclear Dotclear 2.0
Dotclear Dotclear 1.2.2
Dotclear Dotclear 1.2.5
Dotclear Dotclear 2.2.1
Dotclear Dotclear 2.3.0
Dotclear Dotclear 2.0.1
Dotclear Dotclear 2.0.2
Dotclear Dotclear 1.2.6
Dotclear Dotclear 1.2.3
Dotclear Dotclear 2.1.3
Dotclear Dotclear 2.1.7
Dotclear Dotclear 1.2.4
Dotclear Dotclear 2.2.2
Dotclear Dotclear 2.2
Dotclear Dotclear 2.1.5
Dotclear Dotclear 2.1.1
Dotclear Dotclear 2.1
Dotclear Dotclear 1.2.1
Dotclear Dotclear 2.1.4
Dotclear Dotclear 2.2.3
4 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »