Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rafael pedrero vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2019-8923
XAMPP up to and including 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued.
Apachefriends Xampp
6.1
CVSSv3
CVE-2019-8926
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
6.1
CVSSv3
CVE-2019-8924
XAMPP up to and including 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued.
Apachefriends Xampp
6.1
CVSSv3
CVE-2019-8927
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Typ...
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
9.8
CVSSv3
CVE-2019-9083
SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter. NOTE: This product is discontinued.
Sqlitemanager Sqlitemanager 1.24Sqlitemanager Sqlitemanager 1.20
6.1
CVSSv3
CVE-2018-18775
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product.
Microstrategy Microstrategy Web 7
4.3
CVSSv3
CVE-2019-8925
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityMan...
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
6.1
CVSSv3
CVE-2019-8928
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
6.1
CVSSv3
CVE-2019-8929
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
6.1
CVSSv3
CVE-2018-18776
Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product.
Microstrategy Microstrategy Web 7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook