Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manuel lopez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1845
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp.
Expinion.net News Manager Lite 2.5
3 EDB exploits
NA
CVE-2004-1846
Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote malicious users to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.
Expinion.net News Manager Lite 2.5
3 EDB exploits
NA
CVE-2004-0271
Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote malicious users to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the SendTo parameter in Personal Messages, (3) the HTTP_REFERER for down.asp, or (...
Maxwebportal Maxwebportal 1.30
Maxwebportal Maxwebportal 1.31
2 EDB exploits
NA
CVE-2004-1843
SQL injection vulnerability in Member Management System 2.1 allows remote malicious users to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp.
2 EDB exploits
NA
CVE-2004-1844
Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote malicious users to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp.
2 EDB exploits
NA
CVE-2004-1968
The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and previous versions allows remote malicious users to read arbitrary messages by modifying the id parameter.
Openbb Openbb 1.0 .0 Rc1
Openbb Openbb 1.0 .0 Rc2
Openbb Openbb 1.0 .0 Beta1
Openbb Openbb 1.0 .0 Rc3
Openbb Openbb 1.0 .5
Openbb Openbb 1.0 .6
1 EDB exploit
NA
CVE-2004-1847
News Manager Lite 2.5 allows remote malicious users to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie.
1 EDB exploit
NA
CVE-2004-1873
SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote malicious users to gain privileges via the catcode parameter.
Alan Ward A-cart 2.0
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started