Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
john leitch vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-5278
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some ...
Modx Modx Revolution
1 EDB exploit
NA
CVE-2010-4883
Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote malicious users to inject arbitrary web script or HTML via the modhash parameter.
Modx Revolution 2.0.2-pl
1 EDB exploit
NA
CVE-2010-4518
Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search plugin 0.7 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the v1 parameter.
Wobeo Wp-safe-search 0.7
1 EDB exploit
9.8
CVSSv3
CVE-2015-8608
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote malicious users to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive letter or (2) pInName argument.
Perl Perl 5.22
NA
CVE-2010-2669
Cross-site scripting (XSS) vulnerability in admin/editors/text/editor-body.php in Orbis CMS 1.0.2 allows remote malicious users to inject arbitrary web script or HTML via the s parameter.
Novo-ws Orbis Cms 1.0.2
1 EDB exploit
NA
CVE-2010-2850
Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possibly other versions prior to 10.07.12, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the dir parameter.
Nusoftware Nubuilder 09.09.23
Nusoftware Nubuilder 09.08.20
Nusoftware Nubuilder
Nusoftware Nubuilder 09.07.24
Nusoftware Nubuilder 09.06.26
Nusoftware Nubuilder 09.06.10
1 EDB exploit
NA
CVE-2010-4747
Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the pluginurl parameter.
Ahmattox Processing Embed Plugin 0.5
1 EDB exploit
NA
CVE-2010-4800
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote malicious users to execute arbitrary SQL commands via the type parameter.
Baconmap Baconmap 1.0
1 EDB exploit
NA
CVE-2010-4801
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter.
Baconmap Baconmap 1.0
1 EDB exploit
NA
CVE-2010-4873
Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote malicious users to inject arbitrary web script or HTML via the id parameter.
Webidsupport Webid 0.8.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »