Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sme vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2017-1000027
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.
Koozali Sme Server 8.0
Koozali Sme Server 9.2
Koozali Sme Server 9.0
Koozali Sme Server 10.0
4.3
CVSSv2
CVE-2006-0661
Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote malicious users to inject arbitrary web script or HTML via the BBcode url tag.
Scriptme Sme Blog Host
Scriptme Sme Gb Host 1.21
7.5
CVSSv2
CVE-2007-0350
Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter. NOTE: the us vector in index.php is already cov...
Sme Filemailer
7.5
CVSSv2
CVE-2007-0346
SQL injection vulnerability in index.php in SmE FileMailer 1.21 allows remote malicious users to execute arbitrary SQL commands via the us parameter.
Sme Filemailer 1.21
5.4
CVSSv2
CVE-2014-7314
The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Magzter Intelligent Sme 3
7.5
CVSSv2
CVE-2007-0339
SQL injection vulnerability in index.php (aka the login form) in Scriptme SMe FileMailer 1.21 allows remote malicious users to execute arbitrary SQL commands via the Password field (ps parameter). NOTE: some of these details are obtained from third party information.
Scriptme Sme Filemailer 1.21
7.5
CVSSv2
CVE-2006-0856
SQL injection vulnerability in login.php in Scriptme SmE GB Host 1.21 allows remote malicious users to execute arbitrary SQL commands and bypass authentication via the Username parameter.
Scriptme Sme Gb Host 1.21
NA
CVE-2023-20010
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote malicious user to conduct SQL injection attacks on ...
Cisco Unified Communications Manager
NA
CVE-2023-20211
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote malicious user to conduct SQL injection attacks on ...
Cisco Unified Communications Manager 14.0
Cisco Unified Communications Manager
NA
CVE-2020-3420
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) at...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »