Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ivano binetti vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1898
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) user[name], (2) user[email], or (3) user[username] parameters.
Ivano Binetti Wolf Cms
1 EDB exploit
NA
CVE-2012-1922
Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom WLM-2501 allow remote malicious users to hijack the authentication of administrators for requests that modify settings for (1) Mac Filtering via admin/formFilter, (2) IP/Port Filtering via formFilter, (3) Port ...
Sitecom Wlm-2501 -
2 EDB exploits
NA
CVE-2012-1978
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Agenda 2.2.8 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) add an administrator via a request to auth/process.php, (2) delete an admi...
Simple Php Agenda Project Simple Php Agenda
1 EDB exploit
NA
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5
Apache Tomcat
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
1 EDB exploit
NA
CVE-2013-2271
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote malicious users to bypass authentication and gain administrator access via a request to login.cgi.
Dlink Dsl-2740b Firmware -
Dlink Dsl-2740b -
1 EDB exploit
NA
CVE-2013-5730
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote malicious users to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to ...
Dlink Dsl-2740b Firmware 1.00
Dlink Dsl-2740b -
1 EDB exploit
NA
CVE-2012-2156
Multiple cross-site scripting (XSS) vulnerabilities in Plume CMS 1.2.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the u_email parameter (aka Authors Email field) to manager/users.php, (2) the u_realname parameter (aka Authors...
Plume-cms Plume Cms 1.2.1
Plume-cms Plume Cms 1.2
Plume-cms Plume Cms 1.1.3
Plume-cms Plume Cms 1.0.6
Plume-cms Plume Cms 1.0.5
Plume-cms Plume Cms
Plume-cms Plume Cms 1.0.4
Plume-cms Plume Cms 1.0.3
Plume-cms Plume Cms 1.2.3
Plume-cms Plume Cms 1.2.2
Plume-cms Plume Cms 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2012-2629
Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and previous versions allow remote malicious users to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to ad...
Axous Axous
1 EDB exploit
NA
CVE-2012-1921
Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote malicious users to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter.
Sitecom Wlm-2501 -
2 EDB exploits
NA
CVE-2012-1936
The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and previous versions associates a nonce with a user account instead of a user session, which might make it easier for remote malicious users to conduct cross-site request forgery (CSRF) attacks on speci...
Wordpress Wordpress 3.0.5
Wordpress Wordpress 2.8.5.2
Wordpress Wordpress 1.2.3
Wordpress Wordpress 2.0.11
Wordpress Wordpress 1.3.3
Wordpress Wordpress 2.8.6
Wordpress Wordpress 2.0
Wordpress Wordpress 2.1.1
Wordpress Wordpress 2.2.3
Wordpress Wordpress 2.0.2
Wordpress Wordpress 2.1
Wordpress Wordpress 1.1.1
Wordpress Wordpress 1.2.4
Wordpress Wordpress 2.0.6
Wordpress Wordpress 2.0.1
Wordpress Wordpress 2.8.4
Wordpress Wordpress 2.0.4
Wordpress Wordpress 3.0.2
Wordpress Wordpress 3.2.1
Wordpress Wordpress 3.1.4
Wordpress Wordpress 2.2
Wordpress Wordpress 1.2.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »