Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
itas team vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-2564
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.
Projectsend Projectsend 561
1 EDB exploit
NA
CVE-2014-9178
Multiple SQL injection vulnerabilities in classes/ajax.php in the Smarty Pants Plugins SP Project & Document Manager plugin (sp-client-document-manager) 2.4.1 and previous versions for WordPress allow remote malicious users to execute arbitrary SQL commands via the (1) vendor...
Smartypantsplugins Sp Project \\& Document Manager
1 EDB exploit
NA
CVE-2015-2275
Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 prior to 2014-12-26 allows remote malicious users to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy.
Wotlab Community Gallery 2.0
1 EDB exploit
NA
CVE-2015-2825
Unrestricted file upload vulnerability in sam-ajax-admin.php in the Simple Ads Manager plugin prior to 2.5.96 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file...
Simple Ads Manager Project Simple Ads Manager
1 EDB exploit
5.3
CVSSv3
CVE-2015-2826
WordPress Simple Ads Manager plugin 2.5.94 and 2.5.96 allows remote malicious users to obtain sensitive information.
Simple Ads Manager Project Simple Ads Manager 2.5.94
Simple Ads Manager Project Simple Ads Manager 2.5.96
1 EDB exploit
NA
CVE-2015-1428
Multiple SQL injection vulnerabilities in Sefrengo prior to 1.6.2 allow (1) remote malicious users to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id paramet...
Sefrengo Sefrengo
1 EDB exploit
NA
CVE-2015-1518
SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript prior to 2.3.0 allows remote malicious users to execute arbitrary SQL commands via the search_terms parameter.
Redaxscript Redaxscript
1 EDB exploit
NA
CVE-2015-2824
Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin prior to 2.7.97 for WordPress allow remote malicious users to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to...
Simple Ads Manager Project Simple Ads Manager 2.5.96
Simple Ads Manager Project Simple Ads Manager 2.5.94
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started